From 35dc4800e07135af1894ff817b8e51d2cf302932 Mon Sep 17 00:00:00 2001 From: mettacrawler Date: Sun, 5 Nov 2017 15:28:44 -0500 Subject: [PATCH 001/277] basic-install.sh - no CIDR in ifcfg-* Do not expect CIDR format IP addresses in /etc/sysconfig/network-scripts/ifcfg-* files as it is not a requirement. Expect only: IPADDR=10.10.10.10 Do not expect: IPADDR=10.10.10.10/24 --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 647661f8..e7c3f189 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -684,13 +684,13 @@ setStaticIPv4() { elif [[ -f "/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE}" ]];then # If it exists, IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE} + IPADDR=$(echo "${IPV4_ADDRESS}" | cut -f1 -d/) # check if the desired IP is already set - if grep -q "${IPV4_ADDRESS}" "${IFCFG_FILE}"; then + if grep -q "${IPADDR}" "${IFCFG_FILE}"; then echo -e " ${INFO} Static IP already configured" # Otherwise, else # Put the IP in variables without the CIDR notation - IPADDR=$(echo "${IPV4_ADDRESS}" | cut -f1 -d/) CIDR=$(echo "${IPV4_ADDRESS}" | cut -f2 -d/) # Backup existing interface configuration: cp "${IFCFG_FILE}" "${IFCFG_FILE}".pihole.orig From 2c8dcd86e570df2c1b1372b330b095d749f804d9 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 9 Nov 2017 20:47:15 +0000 Subject: [PATCH 002/277] remove package_check to avoid situations like #1760 Signed-off-by: Adam Warner --- automated install/uninstall.sh | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4f4f9f..5628702f 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -62,19 +62,12 @@ if [ -x "$(command -v rpm)" ]; then package_check() { rpm -qa | grep ^$1- > /dev/null } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - } elif [ -x "$(command -v apt-get)" ]; then # Debian Family PKG_REMOVE="${PKG_MANAGER} -y remove --purge" package_check() { dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - ${SUDO} ${PKG_MANAGER} -y autoclean - } else echo -e " ${CROSS} OS distribution not supported" exit 1 @@ -103,14 +96,9 @@ removeAndPurge() { done # Remove dnsmasq config files - ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/*-pihole*.conf &> /dev/null echo -e " ${TICK} Removing dnsmasq config files" - # Take care of any additional package cleaning - echo -ne " ${INFO} Removing & cleaning remaining dependencies..." - package_cleanup &> /dev/null - echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" - # Call removeNoPurge to remove Pi-hole specific files removeNoPurge } From 36945a67d03d7ea28b706ed4b5b0b57b2ed0c93a Mon Sep 17 00:00:00 2001 From: Ryan Knapper Date: Wed, 7 Feb 2018 17:04:10 -0500 Subject: [PATCH 003/277] Prevent redundant entries in to adlists.list Grep ${args[3]} and only add if grep -c -eq 0 Signed-off-by: Ryan Knapper --- advanced/Scripts/webpage.sh | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index d47eaff6..bd69d8ad 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -182,10 +182,6 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}" fi - if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}" - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}" - fi } @@ -215,17 +211,6 @@ SetDNSServers() { else change_setting "DNSSEC" "false" fi - if [[ "${args[6]}" == "conditional_forwarding" ]]; then - change_setting "CONDITIONAL_FORWARDING" "true" - change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}" - change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}" - change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}" - else - change_setting "CONDITIONAL_FORWARDING" "false" - delete_setting "CONDITIONAL_FORWARDING_IP" - delete_setting "CONDITIONAL_FORWARDING_DOMAIN" - delete_setting "CONDITIONAL_FORWARDING_REVERSE" - fi ProcessDNSSettings @@ -269,7 +254,7 @@ ProcessDHCPSettings() { fi if [[ "${PIHOLE_DOMAIN}" == "" ]]; then - PIHOLE_DOMAIN="local" + PIHOLE_DOMAIN="lan" change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}" fi @@ -361,7 +346,9 @@ CustomizeAdLists() { elif [[ "${args[2]}" == "disable" ]]; then sed -i "\\@${args[3]}@s/^http/#http/g" "${list}" elif [[ "${args[2]}" == "add" ]]; then - echo "${args[3]}" >> ${list} + if [[ $(grep -c "${args[3]}" "${list}") -eq 0 ]] ; then + echo "${args[3]}" >> ${list} + fi elif [[ "${args[2]}" == "del" ]]; then var=$(echo "${args[3]}" | sed 's/\//\\\//g') sed -i "/${var}/Id" "${list}" From f2b3752f3dea7bd7e7e9ab6e06fba372bebeb454 Mon Sep 17 00:00:00 2001 From: Ryan Knapper Date: Wed, 7 Feb 2018 17:08:55 -0500 Subject: [PATCH 004/277] lan to local Reduced differences. Signed-off-by: Ryan Knapper --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index bd69d8ad..6e13d24e 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -254,7 +254,7 @@ ProcessDHCPSettings() { fi if [[ "${PIHOLE_DOMAIN}" == "" ]]; then - PIHOLE_DOMAIN="lan" + PIHOLE_DOMAIN="local" change_setting "PIHOLE_DOMAIN" "${PIHOLE_DOMAIN}" fi From c17d95bfeddface2fc74882d0f38a8197e844bfd Mon Sep 17 00:00:00 2001 From: Ryan Knapper Date: Mon, 19 Feb 2018 10:22:28 -0500 Subject: [PATCH 005/277] Proper output for debug CPU detection Inserted "log_write" to properly output CPU detection lines. Signed-off-by: Ryan Knapper (ryanknapper@gmail.com> --- advanced/Scripts/piholeDebug.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b668af94..5918ec1b 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -465,15 +465,15 @@ processor_check() { else # Check if the architecture is currently supported for FTL case "${PROCESSOR}" in - "amd64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" + "amd64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" + "armv6l") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv6") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" + "armv6") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "armv7l") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" + "armv7l") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; - "aarch64") "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" + "aarch64") log_write "${TICK} ${COL_GREEN}${PROCESSOR}${COL_NC}" ;; # Otherwise, show the processor type *) log_write "${INFO} ${PROCESSOR}"; From e61d8e4fb84130560f28021b484a9d4350e38268 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 22 Feb 2018 14:45:31 +0000 Subject: [PATCH 006/277] adlists.default no longer used. No need to reference it. Use --force switch of gravity to force the cache refresh Signed-off-by: Adam Warner --- automated install/basic-install.sh | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b694b527..c5eb17e4 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1378,22 +1378,8 @@ installCron() { # Gravity is a very important script as it aggregates all of the domains into a single HOSTS formatted list, # which is what Pi-hole needs to begin blocking ads runGravity() { - echo "" - echo -e " ${INFO} Preparing to run gravity.sh to refresh hosts..." - # If cached lists exist, - if ls /etc/pihole/list* 1> /dev/null 2>&1; then - echo -e " ${INFO} Cleaning up previous install (preserving whitelist/blacklist)" - # remove them - rm /etc/pihole/list.* - fi - # If the default ad lists file exists, - if [[ ! -e /etc/pihole/adlists.default ]]; then - # copy it over from the local repo - cp ${PI_HOLE_LOCAL_REPO}/adlists.default /etc/pihole/adlists.default - fi - echo -e " ${INFO} Running gravity.sh" # Run gravity in the current shell - { /opt/pihole/gravity.sh; } + { /opt/pihole/gravity.sh --force; } } # Check if the pihole user exists and create if it does not From 0541d8f1c550e9c55acfdcbbbd6b225885644ac1 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Feb 2018 11:13:33 +0100 Subject: [PATCH 007/277] Try to determine if the user is running a 32bit OS on a 64bit system. If so, download the 32bit binary as we cannot expect the 64bit libraries to be present. Signed-off-by: DL6ER --- advanced/Scripts/piholeCheckout.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 9e97c69c..63198b5a 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -68,9 +68,20 @@ FTLinstall() { } get_binary_name() { + # This gives the machine architecture which may be different from the OS architecture... local machine machine=$(uname -m) + # This gives the architecture of packages dpkg installs (for example, "i386") + local dpkgarch + dpkgarch=$(dpkg --print-architecture 2> /dev/null) + + # Special case: This is a 32 bit OS, installed on a 64 bit machine + # -> change machine architecture to download the 32 bit executable + if [[ "${machine}" == "x86_64" && "${dpkgarch}" == "i386" ]]; then + machine="i686" + fi + local str str="Detecting architecture" echo -ne " ${INFO} ${str}..." From b87bcc8f5f876811aa2bf4bd572aeb609f72e94c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 24 Feb 2018 13:23:06 +0100 Subject: [PATCH 008/277] Modifications in pihole-FTL.service for FTLDNS Signed-off-by: DL6ER --- advanced/pihole-FTL.service | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index 959b7794..a21fd260 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -29,9 +29,11 @@ start() { mkdir -p /var/run/pihole mkdir -p /var/log/pihole chown pihole:pihole /var/run/pihole /var/log/pihole - rm /var/run/pihole/FTL.sock - chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /etc/pihole + rm /var/run/pihole/FTL.sock 2> /dev/null + chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port + chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log + setcap CAP_NET_BIND_SERVICE=+eip "$(which pihole-FTL)" su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER" echo fi From e8ec0dc701d00a2d8a8d5f5a0da5329a4748b059 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Feb 2018 09:34:04 +0100 Subject: [PATCH 009/277] Use pihole-FTL resolver in pihole and gravity Signed-off-by: DL6ER --- gravity.sh | 6 ++++-- pihole | 13 ++++++------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/gravity.sh b/gravity.sh index ce2734fc..22c78201 100755 --- a/gravity.sh +++ b/gravity.sh @@ -42,6 +42,8 @@ preEventHorizon="list.preEventHorizon" skipDownload="false" +resolver="pihole-FTL" + # Source setupVars from install script setupVars="${piholeDir}/setupVars.conf" if [[ -f "${setupVars}" ]];then @@ -102,7 +104,7 @@ gravity_CheckDNSResolutionAvailable() { fi # Determine error output message - if pidof dnsmasq &> /dev/null; then + if pidof "${resolver}" &> /dev/null; then echo -e " ${CROSS} DNS resolution is currently unavailable" else echo -e " ${CROSS} DNS service is not running" @@ -560,7 +562,7 @@ gravity_Cleanup() { echo -e "${OVER} ${TICK} ${str}" # Only restart DNS service if offline - if ! pidof dnsmasq &> /dev/null; then + if ! pidof "${resolver}" &> /dev/null; then "${PIHOLE_COMMAND}" restartdns dnsWasOffline=true fi diff --git a/pihole b/pihole index 4421cb87..54701027 100755 --- a/pihole +++ b/pihole @@ -14,6 +14,8 @@ readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" readonly colfile="${PI_HOLE_SCRIPT_DIR}/COL_TABLE" source "${colfile}" +resolver="pihole-FTL" + # Must be root to use this tool if [[ ! $EUID -eq 0 ]];then if [[ -x "$(command -v sudo)" ]]; then @@ -332,18 +334,18 @@ restartDNS() { local svcOption svc str output status svcOption="${1:-}" - # Determine if we should reload or restart dnsmasq + # Determine if we should reload or restart restart if [[ "${svcOption}" =~ "reload" ]]; then # Using SIGHUP will NOT re-read any *.conf files - svc="killall -s SIGHUP dnsmasq" + svc="killall -s SIGHUP \"${resolver}\"" else - # Get PID of dnsmasq to determine if it needs to start or restart + # Get PID of resolver to determine if it needs to start or restart if pidof dnsmasq &> /dev/null; then svcOption="restart" else svcOption="start" fi - svc="service dnsmasq ${svcOption}" + svc="service \"${resolver}\" ${svcOption}" fi # Print output to Terminal, but not to Web Admin @@ -359,9 +361,6 @@ restartDNS() { [[ ! -t 1 ]] && local OVER="" echo -e "${OVER} ${CROSS} ${output}" fi - - # Send signal to FTL to have it re-parse the gravity files - killall -s SIGHUP pihole-FTL } piholeEnable() { From 09886a3f11889f485febcb16bd057a91496fe5ed Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Feb 2018 10:11:11 +0100 Subject: [PATCH 010/277] Add resolveconf config to pihole-FTL.service Signed-off-by: DL6ER --- advanced/pihole-FTL.service | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index a21fd260..5499cbe0 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -20,6 +20,7 @@ is_running() { ps "$(get_pid)" > /dev/null 2>&1 } + # Start the service start() { if is_running; then @@ -34,6 +35,7 @@ start() { chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log setcap CAP_NET_BIND_SERVICE=+eip "$(which pihole-FTL)" + echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER" echo fi @@ -42,6 +44,7 @@ start() { # Stop the service stop() { if is_running; then + /sbin/resolvconf -d lo.piholeFTL kill "$(get_pid)" for i in {1..5}; do if ! is_running; then From 56a2924a3360f4a5ecdc60c603f091e8848e23ca Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Feb 2018 23:38:34 +0100 Subject: [PATCH 011/277] Unprivileged processes are subject to full permission checking based on the process's credentials, we have to explicitly allow pihole-FTL to bind to ports < 1024 (port 53 for DNS) and for various advanced network-related operations (to allow for handling DHCP requests) Signed-off-by: DL6ER --- advanced/pihole-FTL.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index 5499cbe0..70d0b9d0 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -34,7 +34,7 @@ start() { chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log - setcap CAP_NET_BIND_SERVICE=+eip "$(which pihole-FTL)" + setcap CAP_NET_BIND_SERVICE,CAP_NET_ADMIN+eip "$(which pihole-FTL)" echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER" echo From fcdc85eab8c658166c1529e308b3067d7005f04e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Feb 2018 23:47:11 +0100 Subject: [PATCH 012/277] Remove dnsmasq from dependencies Signed-off-by: DL6ER --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b694b527..eeccbf5d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -163,7 +163,7 @@ if command -v apt-get &> /dev/null; then # These programs are stored in an array so they can be looped through later INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils iputils-ping lsof netcat sudo unzip wget idn2 sqlite3) + PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat sudo unzip wget idn2 sqlite3) # The Web dashboard has some that also need to be installed # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) @@ -207,7 +207,7 @@ elif command -v rpm &> /dev/null; then PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq findutils nmap-ncat sudo unzip wget libidn2 psmisc) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) # EPEL (https://fedoraproject.org/wiki/EPEL) is required for lighttpd on CentOS if grep -qi 'centos' /etc/redhat-release; then From 7ed45d26c29bd86e540779e324ad07928823bddb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Mon, 26 Feb 2018 17:26:51 +0100 Subject: [PATCH 013/277] Remove " " at some places where they shouldn't be Signed-off-by: DL6ER --- gravity.sh | 4 ++-- pihole | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gravity.sh b/gravity.sh index 22c78201..9d3bad95 100755 --- a/gravity.sh +++ b/gravity.sh @@ -104,7 +104,7 @@ gravity_CheckDNSResolutionAvailable() { fi # Determine error output message - if pidof "${resolver}" &> /dev/null; then + if pidof ${resolver} &> /dev/null; then echo -e " ${CROSS} DNS resolution is currently unavailable" else echo -e " ${CROSS} DNS service is not running" @@ -562,7 +562,7 @@ gravity_Cleanup() { echo -e "${OVER} ${TICK} ${str}" # Only restart DNS service if offline - if ! pidof "${resolver}" &> /dev/null; then + if ! pidof ${resolver} &> /dev/null; then "${PIHOLE_COMMAND}" restartdns dnsWasOffline=true fi diff --git a/pihole b/pihole index 54701027..c18ba12d 100755 --- a/pihole +++ b/pihole @@ -337,7 +337,7 @@ restartDNS() { # Determine if we should reload or restart restart if [[ "${svcOption}" =~ "reload" ]]; then # Using SIGHUP will NOT re-read any *.conf files - svc="killall -s SIGHUP \"${resolver}\"" + svc="killall -s SIGHUP ${resolver}" else # Get PID of resolver to determine if it needs to start or restart if pidof dnsmasq &> /dev/null; then @@ -345,7 +345,7 @@ restartDNS() { else svcOption="start" fi - svc="service \"${resolver}\" ${svcOption}" + svc="service ${resolver} ${svcOption}" fi # Print output to Terminal, but not to Web Admin From 5ecfc58e5fb016d1f8fd031325d8f7c98aa8cb4a Mon Sep 17 00:00:00 2001 From: Ryan Knapper Date: Wed, 28 Feb 2018 13:06:07 -0500 Subject: [PATCH 014/277] Require exact match Updated to require an exact match to reduce false-positives, as suggested by DL6ER. Signed-off-by: Ryan Knapper --- advanced/Scripts/webpage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 6e13d24e..3c76e173 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -346,7 +346,7 @@ CustomizeAdLists() { elif [[ "${args[2]}" == "disable" ]]; then sed -i "\\@${args[3]}@s/^http/#http/g" "${list}" elif [[ "${args[2]}" == "add" ]]; then - if [[ $(grep -c "${args[3]}" "${list}") -eq 0 ]] ; then + if [[ $(grep -c "^${args[3]}$" "${list}") -eq 0 ]] ; then echo "${args[3]}" >> ${list} fi elif [[ "${args[2]}" == "del" ]]; then From 0b87f489d53ceb11f9c37b523be53d74e8cc43a8 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 3 Mar 2018 15:59:56 +0000 Subject: [PATCH 015/277] Look for pihole-FTL, not dnsmasq! Signed-off-by: Adam Warner --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index c18ba12d..3de16caf 100755 --- a/pihole +++ b/pihole @@ -340,7 +340,7 @@ restartDNS() { svc="killall -s SIGHUP ${resolver}" else # Get PID of resolver to determine if it needs to start or restart - if pidof dnsmasq &> /dev/null; then + if pidof pihole-FTL &> /dev/null; then svcOption="restart" else svcOption="start" From 8cf8da4c78cbcf92c3e196d90332a15395250520 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 6 Mar 2018 18:44:57 +0000 Subject: [PATCH 016/277] - Check file /etc/pihole/ftlbranch for current FTL branch, download from github if master, or pi-hole.net if other - Check if downloaded binary file can resolve queries, if so stop and disable dnsmasq - Add service_disable function - Add dependency libcap2-bin on debian to enable setcap. Need to check other distos -Always download FTL binary if /etc/pihole/ftlbranch does not contain "master" - Change some strings/variables that reference dnsmasq and change them to pihole/pihole-FTL Signed-off-by: Adam Warner --- automated install/basic-install.sh | 160 +++++++++++++++++++++-------- test/test_automated_install.py | 2 +- 2 files changed, 121 insertions(+), 41 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 32352306..39855a58 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -163,7 +163,7 @@ if command -v apt-get &> /dev/null; then # These programs are stored in an array so they can be looped through later INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat sudo unzip wget idn2 sqlite3) + PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) # The Web dashboard has some that also need to be installed # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) @@ -172,9 +172,7 @@ if command -v apt-get &> /dev/null; then # group, LIGHTTPD_GROUP="www-data" # and config file - LIGHTTPD_CFG="lighttpd.conf.debian" - # The DNS server user - DNSMASQ_USER="dnsmasq" + LIGHTTPD_CFG="lighttpd.conf.debian" # A function to check... test_dpkg_lock() { @@ -202,12 +200,12 @@ elif command -v rpm &> /dev/null; then PKG_MANAGER="yum" fi - # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. + # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. UPDATE_PKG_CACHE=":" PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc libnettle.so.4) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) # EPEL (https://fedoraproject.org/wiki/EPEL) is required for lighttpd on CentOS if grep -qi 'centos' /etc/redhat-release; then @@ -215,8 +213,7 @@ elif command -v rpm &> /dev/null; then fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" - LIGHTTPD_CFG="lighttpd.conf.fedora" - DNSMASQ_USER="nobody" + LIGHTTPD_CFG="lighttpd.conf.fedora" # If neither apt-get or rmp/dnf are found else @@ -984,6 +981,10 @@ version_check_dnsmasq() { fi echo -en " ${INFO} Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf..." + # Check to see if dnsmasq directory exists (it may not due to being a fresh install and dnsmasq no longer being a dependency) + if [[ ! -d "/etc/dnsmasq.d" ]];then + mkdir "/etc/dnsmasq.d" + fi # Copy the new Pi-hole DNS config file into the dnsmasq.d directory cp ${dnsmasq_pihole_01_snippet} ${dnsmasq_pihole_01_location} echo -e "${OVER} ${TICK} Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf" @@ -1158,6 +1159,24 @@ enable_service() { echo -e "${OVER} ${TICK} ${str}" } +# Disable service so that it will not with next reboot +disable_service() { + # Local, named variables + local str="Disabling ${1} service" + echo "" + echo -ne " ${INFO} ${str}..." + # If systemctl exists, + if command -v systemctl &> /dev/null; then + # use that to disable the service + systemctl disable "${1}" &> /dev/null + # Othwerwise, + else + # use update-rc.d to accomplish this + update-rc.d "${1}" disable &> /dev/null + fi + echo -e "${OVER} ${TICK} ${str}" +} + update_package_cache() { # Running apt-get update/upgrade with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) @@ -1286,7 +1305,7 @@ install_dependent_packages() { # Create logfiles if necessary CreateLogFile() { - local str="Creating log and changing owner to dnsmasq" + local str="Creating log and changing owner to pihole" echo "" echo -ne " ${INFO} ${str}..." # If the pihole log does not exist, @@ -1296,7 +1315,7 @@ CreateLogFile() { # set the permissions, chmod 644 /var/log/pihole.log # and owners - chown "${DNSMASQ_USER}":root /var/log/pihole.log + chown pihole:root /var/log/pihole.log echo -e "${OVER} ${TICK} ${str}" # Otherwise, else @@ -1423,7 +1442,7 @@ configureFirewall() { # ask if the user wants to install Pi-hole's default firwall rules whiptail --title "Firewall in use" --yesno "We have detected a running firewall\\n\\nPi-hole currently requires HTTP and DNS port access.\\n\\n\\n\\nInstall Pi-hole default firewall rules?" ${r} ${c} || \ { echo -e " ${INFO} Not installing firewall rulesets."; return 0; } - echo -e " ${TICK} Configuring FirewallD for httpd and dnsmasq" + echo -e " ${TICK} Configuring FirewallD for httpd and pihole-FTL" # Allow HTTP and DNS traffice firewall-cmd --permanent --add-service=http --add-service=dns # Reload the firewall to apply these changes @@ -1757,11 +1776,45 @@ FTLinstall() { # Always replace pihole-FTL.service install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/init.d/pihole-FTL" - # If the download worked, - if curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${latesttag%$'\r'}/${binary}" -o "${binary}"; then - # get sha1 of the binary we just downloaded for verification. - curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${latesttag%$'\r'}/${binary}.sha1" -o "${binary}.sha1" + local ftlBranch + local url + local ftlBranch + + if [[ -f "/etc/pihole/ftlbranch" ]];then + ftlBranch=$( /dev/null; then + if [[ $(which dnsmasq 2>/dev/null) ]]; then + stop_service dnsmasq + disable_service dnsmasq + #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` + confdir="conf-dir=/etc/dnsmasq.d" + conffile="/etc/dnsmasq.conf" + if ! grep -q "$confdir" "$conffile"; then + echo "$confdir" >> "$conffile" + fi + fi + fi + # If we downloaded binary file (as opposed to text), if sha1sum --status --quiet -c "${binary}".sha1; then echo -n "transferred... " @@ -1865,30 +1918,42 @@ FTLdetect() { echo -e " ${INFO} Checking for existing FTL binary..." local ftlLoc=$(which pihole-FTL 2>/dev/null) + + local ftlBranch + + if [[ -f "/etc/pihole/ftlbranch" ]];then + ftlBranch=$(/dev/null) ]]; then + if pihole-FTL --resolver > /dev/null; then + stop_service pihole-FTL + else + stop_service dnsmasq + fi + else + if [[ $(which dnsmasq 2>/dev/null) ]]; then + stop_service dnsmasq + fi + fi - stop_service dnsmasq if [[ "${INSTALL_WEB}" == true ]]; then stop_service lighttpd fi @@ -2094,8 +2171,11 @@ main() { echo -e " ${INFO} Restarting services..." # Start services - start_service dnsmasq - enable_service dnsmasq + # Only start and enable dnsmasq if FTL does not have the --resolver switch + if ! pihole-FTL --resolver > /dev/null; then + start_service dnsmasq + enable_service dnsmasq + fi # If the Web server was installed, if [[ "${INSTALL_WEB}" == true ]]; then diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 0e961c7f..2c65c660 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -80,7 +80,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): source /opt/pihole/basic-install.sh configureFirewall ''') - expected_stdout = 'Configuring FirewallD for httpd and dnsmasq' + expected_stdout = 'Configuring FirewallD for httpd and pihole-FTL' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout assert 'firewall-cmd --state' in firewall_calls From 6584933e9297f82c90e68d4bff3167189fec5870 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 6 Mar 2018 18:49:38 +0000 Subject: [PATCH 017/277] fix stickler complaints Signed-off-by: Adam Warner --- automated install/basic-install.sh | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 39855a58..f435e269 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1931,8 +1931,10 @@ FTLdetect() { FTLinstall "${binary}" || return 1 else if [[ ${ftlLoc} ]]; then - local FTLversion=$(/usr/bin/pihole-FTL tag) - local FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n') + local FTLversion + FTLversion=$(/usr/bin/pihole-FTL tag) + local FTLlatesttag + FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n') if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then # Install FTL @@ -1940,8 +1942,10 @@ FTLdetect() { else echo -e " ${INFO} Latest FTL Binary already installed (${FTLlatesttag}). Confirming Checksum..." - local remoteSha1=$(curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${FTLversion%$'\r'}/${binary}.sha1" | cut -d ' ' -f 1) - local localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) + local remoteSha1 + remoteSha1=$(curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${FTLversion%$'\r'}/${binary}.sha1" | cut -d ' ' -f 1) + local localSha1 + localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) if [[ "${remoteSha1}" != "${localSha1}" ]]; then echo -e " ${INFO} Corruption detected..." From 512ec7fb8709aabb818a27d2d1390518c346eb6c Mon Sep 17 00:00:00 2001 From: Riley Avron Date: Tue, 6 Mar 2018 21:44:29 -0800 Subject: [PATCH 018/277] Remove unneeded ifs in awk Signed-off-by: Riley Avron --- gravity.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/gravity.sh b/gravity.sh index 395ea548..f1af8d9e 100755 --- a/gravity.sh +++ b/gravity.sh @@ -345,13 +345,14 @@ gravity_ParseFileIntoDomains() { # Scanning for "^IPv4$" is too slow with large (1M) lists on low-end hardware echo -ne " ${INFO} Format: URL" - awk '{ + awk ' # Remove URL protocol, optional "username:password@", and ":?/;" - if ($0 ~ /[:?\/;]/) { gsub(/(^.*:\/\/(.*:.*@)?|[:?\/;].*)/, "", $0) } - # Remove lines which are only IPv4 addresses - if ($0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { $0="" } - if ($0) { print $0 } - }' "${source}" 2> /dev/null > "${destination}" + /[:?\/;]/ { gsub(/(^.*:\/\/(.*:.*@)?|[:?\/;].*)/, "", $0) } + # Skip lines which are only IPv4 addresses + /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next } + # Print if nonempty + length { print $0 } + ' "${source}" 2> /dev/null > "${destination}" echo -e "${OVER} ${TICK} Format: URL" else From f390671018b46c9e60ca99bb6810ea43dfb6a9fc Mon Sep 17 00:00:00 2001 From: Riley Avron Date: Tue, 6 Mar 2018 21:48:12 -0800 Subject: [PATCH 019/277] Improve scheme matching to avoid inadvertent blocking Signed-off-by: Riley Avron --- gravity.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/gravity.sh b/gravity.sh index f1af8d9e..011d2f8c 100755 --- a/gravity.sh +++ b/gravity.sh @@ -346,12 +346,16 @@ gravity_ParseFileIntoDomains() { echo -ne " ${INFO} Format: URL" awk ' - # Remove URL protocol, optional "username:password@", and ":?/;" - /[:?\/;]/ { gsub(/(^.*:\/\/(.*:.*@)?|[:?\/;].*)/, "", $0) } + # Remove URL scheme, optional "username:password@", and ":?/;" + # The scheme must be matched carefully to avoid blocking the wrong URL + # in cases like: + # http://www.evil.com?http://www.good.com + # See RFC 3986 section 3.1 for details. + /[:?\/;]/ { gsub(/(^[a-zA-Z][a-zA-Z0-9+.-]*:\/\/(.*:.*@)?|[:?\/;].*)/, "", $0) } # Skip lines which are only IPv4 addresses /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { next } # Print if nonempty - length { print $0 } + length { print } ' "${source}" 2> /dev/null > "${destination}" echo -e "${OVER} ${TICK} Format: URL" From acd69fa4b07e55ec1ffc4e13af85d0fdd18ba1af Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 7 Mar 2018 22:19:11 +0000 Subject: [PATCH 020/277] silence push/popd Signed-off-by: Adam Warner --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f435e269..4efa9f30 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1771,7 +1771,7 @@ FTLinstall() { fi # Move into the temp ftl directory - pushd "$(mktemp -d)" || { echo "Unable to make temporary directory for FTL binary download"; return 1; } + pushd "$(mktemp -d)" > /dev/null || { echo "Unable to make temporary directory for FTL binary download"; return 1; } # Always replace pihole-FTL.service install -T -m 0755 "${PI_HOLE_LOCAL_REPO}/advanced/pihole-FTL.service" "/etc/init.d/pihole-FTL" @@ -1830,14 +1830,14 @@ FTLinstall() { # Otherise, else # the download failed, so just go back to the original directory - popd || { echo "Unable to return to original directory after FTL binary download."; return 1; } + popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } echo -e "${OVER} ${CROSS} ${str}" echo -e " ${COL_LIGHT_RED}Error: Download of binary from Github failed${COL_NC}" return 1 fi # Otherwise, else - popd || { echo "Unable to return to original directory after FTL binary download."; return 1; } + popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } echo -e "${OVER} ${CROSS} ${str}" # The URL could not be found echo -e " ${COL_LIGHT_RED}Error: URL not found${COL_NC}" From 7193f40b879b43d5493d18ad637a963a16b0fd3f Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 7 Mar 2018 22:23:05 +0000 Subject: [PATCH 021/277] remove libnettle, missed a >/dev/null Signed-off-by: Adam Warner --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4efa9f30..de118052 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -205,7 +205,7 @@ elif command -v rpm &> /dev/null; then PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) - PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc libnettle.so.4) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) # EPEL (https://fedoraproject.org/wiki/EPEL) is required for lighttpd on CentOS if grep -qi 'centos' /etc/redhat-release; then @@ -1823,7 +1823,7 @@ FTLinstall() { # Install the new version with the correct permissions install -T -m 0755 "${binary}" /usr/bin/pihole-FTL # Move back into the original directory the user was in - popd || { echo "Unable to return to original directory after FTL binary download."; return 1; } + popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } # Install the FTL service echo -e "${OVER} ${TICK} ${str}" return 0 From 84bd86f1eecb77e5b6a9b290657f15effc02a9a3 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 7 Mar 2018 23:31:28 +0000 Subject: [PATCH 022/277] - Test to see if dnsmasq service is enabled before stopping and disabling it. - Some formatting tweaks to the `start_service` `stop_`service` `disable_service` and `enable_service` commands Signed-off-by: Adam Warner --- automated install/basic-install.sh | 71 ++++++++++++++++++------------ 1 file changed, 44 insertions(+), 27 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index de118052..22d549e1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1112,8 +1112,7 @@ installConfigs() { stop_service() { # Stop service passed in as argument. # Can softfail, as process may not be installed when this is called - local str="Stopping ${1} service" - echo "" + local str="Stopping ${1} service" echo -ne " ${INFO} ${str}..." if command -v systemctl &> /dev/null; then systemctl stop "${1}" &> /dev/null || true @@ -1126,8 +1125,7 @@ stop_service() { # Start/Restart service passed in as argument start_service() { # Local, named variables - local str="Starting ${1} service" - echo "" + local str="Starting ${1} service" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1144,8 +1142,7 @@ start_service() { # Enable service so that it will start with next reboot enable_service() { # Local, named variables - local str="Enabling ${1} service to start on reboot" - echo "" + local str="Enabling ${1} service to start on reboot" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1162,8 +1159,7 @@ enable_service() { # Disable service so that it will not with next reboot disable_service() { # Local, named variables - local str="Disabling ${1} service" - echo "" + local str="Disabling ${1} service" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1177,6 +1173,26 @@ disable_service() { echo -e "${OVER} ${TICK} ${str}" } +check_service_active() { + # If systemctl exists, + if command -v systemctl &> /dev/null; then + # use that to disable the service + if systemctl status "${1}" | grep -q "Active: active" > /dev/null; then + return 0 + else + return 1 + fi + # Othwerwise, + else + # fall back to service command + if service "${1}" status | grep "Active: active" > /dev/null; then + return 0 + else + return 1 + fi + fi +} + update_package_cache() { # Running apt-get update/upgrade with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) @@ -1796,25 +1812,8 @@ FTLinstall() { # If the download worked, if curl -sSL --fail "${url}/${binary}" -o "${binary}"; then # get sha1 of the binary we just downloaded for verification. - curl -sSL --fail "${url}/${binary}.sha1" -o "${binary}.sha1" - - # Make the tempory binary executable so that we can test the --resolver flag - chmod +x "${binary}" + curl -sSL --fail "${url}/${binary}.sha1" -o "${binary}.sha1" - # If the --resolver flag returns True (exit code 0), then we can safely stop & disable dnsmasq - if ./"${binary}" --resolver > /dev/null; then - if [[ $(which dnsmasq 2>/dev/null) ]]; then - stop_service dnsmasq - disable_service dnsmasq - #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` - confdir="conf-dir=/etc/dnsmasq.d" - conffile="/etc/dnsmasq.conf" - if ! grep -q "$confdir" "$conffile"; then - echo "$confdir" >> "$conffile" - fi - fi - fi - # If we downloaded binary file (as opposed to text), if sha1sum --status --quiet -c "${binary}".sha1; then echo -n "transferred... " @@ -1826,6 +1825,23 @@ FTLinstall() { popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } # Install the FTL service echo -e "${OVER} ${TICK} ${str}" + # If the --resolver flag returns True (exit code 0), then we can safely stop & disable dnsmasq + if pihole-FTL --resolver > /dev/null; then + if [[ $(which dnsmasq 2>/dev/null) ]]; then + if check_service_active "dnsmasq";then + echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" + stop_service dnsmasq + disable_service dnsmasq + fi + fi + + #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` + confdir="conf-dir=/etc/dnsmasq.d" + conffile="/etc/dnsmasq.conf" + if ! grep -q "$confdir" "$conffile"; then + echo "$confdir" >> "$conffile" + fi + fi return 0 # Otherise, else @@ -1834,7 +1850,7 @@ FTLinstall() { echo -e "${OVER} ${CROSS} ${str}" echo -e " ${COL_LIGHT_RED}Error: Download of binary from Github failed${COL_NC}" return 1 - fi + fi # Otherwise, else popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } @@ -1959,6 +1975,7 @@ FTLdetect() { FTLinstall "${binary}" || return 1 fi fi + echo "" } make_temporary_log() { From b92ccb2de4204299717b02b9c3291ed22dfdcc3d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 14 Mar 2018 20:01:06 +0000 Subject: [PATCH 023/277] Additionally `mask` the dnsmasq service on systems with systemctl Signed-off-by: Adam Warner --- automated install/basic-install.sh | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 22d549e1..47348775 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1173,6 +1173,25 @@ disable_service() { echo -e "${OVER} ${TICK} ${str}" } +# Mask service so that it cannot be started accidentally +mask_service() { + # Local, named variables + local str="Masking ${1} service" + echo -ne " ${INFO} ${str}..." + # If systemctl exists, + if command -v systemctl &> /dev/null; then + # use that to disable the service + systemctl mask "${1}" &> /dev/null + echo -e "${OVER} ${TICK} ${str}" + # Othwerwise, + else + # use update-rc.d to accomplish this + echo -e "${OVER} ${CROSS} ${str}" + echo -e " ${INFO} systemctl not detected. Cannot mask service." + fi + +} + check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1831,7 +1850,8 @@ FTLinstall() { if check_service_active "dnsmasq";then echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" stop_service dnsmasq - disable_service dnsmasq + disable_service dnsmasq + mask_service dnsmasq fi fi From 44d8cb77e3a56b897a3769b7fad14f4fded93233 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 17 Mar 2018 22:48:11 +0000 Subject: [PATCH 024/277] Kill off `mask_service` function Signed-off-by: Adam Warner --- automated install/basic-install.sh | 31 ++++++------------------------ 1 file changed, 6 insertions(+), 25 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 47348775..6a160be6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1148,7 +1148,7 @@ enable_service() { if command -v systemctl &> /dev/null; then # use that to enable the service systemctl enable "${1}" &> /dev/null - # Othwerwise, + # Otherwise, else # use update-rc.d to accomplish this update-rc.d "${1}" defaults &> /dev/null @@ -1165,7 +1165,7 @@ disable_service() { if command -v systemctl &> /dev/null; then # use that to disable the service systemctl disable "${1}" &> /dev/null - # Othwerwise, + # Otherwise, else # use update-rc.d to accomplish this update-rc.d "${1}" disable &> /dev/null @@ -1173,25 +1173,6 @@ disable_service() { echo -e "${OVER} ${TICK} ${str}" } -# Mask service so that it cannot be started accidentally -mask_service() { - # Local, named variables - local str="Masking ${1} service" - echo -ne " ${INFO} ${str}..." - # If systemctl exists, - if command -v systemctl &> /dev/null; then - # use that to disable the service - systemctl mask "${1}" &> /dev/null - echo -e "${OVER} ${TICK} ${str}" - # Othwerwise, - else - # use update-rc.d to accomplish this - echo -e "${OVER} ${CROSS} ${str}" - echo -e " ${INFO} systemctl not detected. Cannot mask service." - fi - -} - check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1201,7 +1182,7 @@ check_service_active() { else return 1 fi - # Othwerwise, + # Otherwise, else # fall back to service command if service "${1}" status | grep "Active: active" > /dev/null; then @@ -1385,7 +1366,7 @@ installPiholeWeb() { # back it up mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig echo -e "${OVER} ${TICK} ${str}" - # Othwerwise, + # Otherwise, else # don't do anything echo -e "${OVER} ${CROSS} ${str} @@ -1458,7 +1439,7 @@ create_pihole_user() { if id -u pihole &> /dev/null; then # just show a success echo -ne "${OVER} ${TICK} ${str}" - # Othwerwise, + # Otherwise, else echo -ne "${OVER} ${CROSS} ${str}" local str="Creating user 'pihole'" @@ -1498,7 +1479,7 @@ configureFirewall() { iptables -C INPUT -p tcp -m tcp --dport 4711:4720 -i lo -j ACCEPT &> /dev/null || iptables -I INPUT 1 -p tcp -m tcp --dport 4711:4720 -i lo -j ACCEPT return 0 fi - # Othwerwise, + # Otherwise, else # no firewall is running echo -e " ${INFO} No active firewall detected.. skipping firewall configuration" From f18bf35b208813e798affdb15ed4333e46b8030a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 17 Mar 2018 22:56:50 +0000 Subject: [PATCH 025/277] use `systemctl is-enabled` to check enabled status of service Signed-off-by: Adam Warner --- automated install/basic-install.sh | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 6a160be6..ddebe6fa 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1176,12 +1176,9 @@ disable_service() { check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then - # use that to disable the service - if systemctl status "${1}" | grep -q "Active: active" > /dev/null; then - return 0 - else - return 1 - fi + # use that to check the status of the service + systemctl is-enabled "${1}" > /dev/null + return $? # Otherwise, else # fall back to service command @@ -1832,7 +1829,6 @@ FTLinstall() { echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" stop_service dnsmasq disable_service dnsmasq - mask_service dnsmasq fi fi From e2e8b733a85a1f290269993823db138583e65265 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 18 Mar 2018 00:13:10 +0000 Subject: [PATCH 026/277] tidy up function Signed-off-by: Adam Warner --- automated install/basic-install.sh | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index ddebe6fa..2574b4a3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1177,17 +1177,12 @@ check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then # use that to check the status of the service - systemctl is-enabled "${1}" > /dev/null - return $? + systemctl is-enabled "${1}" > /dev/null # Otherwise, else # fall back to service command - if service "${1}" status | grep "Active: active" > /dev/null; then - return 0 - else - return 1 - fi - fi + service "${1}" status > /dev/null + fi } update_package_cache() { @@ -1824,12 +1819,12 @@ FTLinstall() { echo -e "${OVER} ${TICK} ${str}" # If the --resolver flag returns True (exit code 0), then we can safely stop & disable dnsmasq if pihole-FTL --resolver > /dev/null; then - if [[ $(which dnsmasq 2>/dev/null) ]]; then + if which dnsmasq > /dev/null; then if check_service_active "dnsmasq";then echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" stop_service dnsmasq disable_service dnsmasq - fi + fi fi #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` From d26ea2b948b73865c9cdcd0c90ac0fb5b33bc7c8 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 18 Mar 2018 00:38:34 +0000 Subject: [PATCH 027/277] remove trailing whitespace Signed-off-by: Adam Warner --- automated install/basic-install.sh | 38 +++++++++++++++--------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 2574b4a3..a5d52309 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -172,7 +172,7 @@ if command -v apt-get &> /dev/null; then # group, LIGHTTPD_GROUP="www-data" # and config file - LIGHTTPD_CFG="lighttpd.conf.debian" + LIGHTTPD_CFG="lighttpd.conf.debian" # A function to check... test_dpkg_lock() { @@ -200,7 +200,7 @@ elif command -v rpm &> /dev/null; then PKG_MANAGER="yum" fi - # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. + # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. UPDATE_PKG_CACHE=":" PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" @@ -213,7 +213,7 @@ elif command -v rpm &> /dev/null; then fi LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" - LIGHTTPD_CFG="lighttpd.conf.fedora" + LIGHTTPD_CFG="lighttpd.conf.fedora" # If neither apt-get or rmp/dnf are found else @@ -1112,7 +1112,7 @@ installConfigs() { stop_service() { # Stop service passed in as argument. # Can softfail, as process may not be installed when this is called - local str="Stopping ${1} service" + local str="Stopping ${1} service" echo -ne " ${INFO} ${str}..." if command -v systemctl &> /dev/null; then systemctl stop "${1}" &> /dev/null || true @@ -1125,7 +1125,7 @@ stop_service() { # Start/Restart service passed in as argument start_service() { # Local, named variables - local str="Starting ${1} service" + local str="Starting ${1} service" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1142,7 +1142,7 @@ start_service() { # Enable service so that it will start with next reboot enable_service() { # Local, named variables - local str="Enabling ${1} service to start on reboot" + local str="Enabling ${1} service to start on reboot" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1159,7 +1159,7 @@ enable_service() { # Disable service so that it will not with next reboot disable_service() { # Local, named variables - local str="Disabling ${1} service" + local str="Disabling ${1} service" echo -ne " ${INFO} ${str}..." # If systemctl exists, if command -v systemctl &> /dev/null; then @@ -1177,11 +1177,11 @@ check_service_active() { # If systemctl exists, if command -v systemctl &> /dev/null; then # use that to check the status of the service - systemctl is-enabled "${1}" > /dev/null + systemctl is-enabled "${1}" > /dev/null # Otherwise, else # fall back to service command - service "${1}" status > /dev/null + service "${1}" status > /dev/null fi } @@ -1787,13 +1787,13 @@ FTLinstall() { local ftlBranch local url local ftlBranch - + if [[ -f "/etc/pihole/ftlbranch" ]];then ftlBranch=$( /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } @@ -1926,9 +1926,9 @@ FTLdetect() { echo -e " ${INFO} Checking for existing FTL binary..." local ftlLoc=$(which pihole-FTL 2>/dev/null) - + local ftlBranch - + if [[ -f "/etc/pihole/ftlbranch" ]];then ftlBranch=$(/dev/null) ]]; then - if pihole-FTL --resolver > /dev/null; then + if pihole-FTL --resolver > /dev/null; then stop_service pihole-FTL else stop_service dnsmasq @@ -2185,7 +2185,7 @@ main() { echo -e " ${INFO} Restarting services..." # Start services # Only start and enable dnsmasq if FTL does not have the --resolver switch - if ! pihole-FTL --resolver > /dev/null; then + if ! pihole-FTL --resolver > /dev/null; then start_service dnsmasq enable_service dnsmasq fi From 11f342587656937f0baa8960cbd785994ceeaaec Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Thu, 22 Mar 2018 23:51:12 -0500 Subject: [PATCH 028/277] update donation and affiliate links. also link to trademark guidelines. update an image. and add a project. Signed-off-by: Jacob Salmela --- README.md | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index b7f4f249..b5e24378 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ Network-wide ad blocking via your own Linux hardware

-The Pi-hole is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software. +The Pi-hole[®](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a [DNS sinkhole](https://en.wikipedia.org/wiki/DNS_Sinkhole) that protects your devices from unwanted content, without installing any client-side software. - **Easy-to-install**: our versatile installer walks you through the process, and [takes less than ten minutes](https://www.youtube.com/watch?v=vKWjx1AQYgs) - **Resolute**: content is blocked in _non-browser locations_, such as ad-laden mobile apps and smart TVs @@ -27,7 +27,7 @@ Those who want to get started quickly and conveniently, may install Pi-hole usin #### `curl -sSL https://install.pi-hole.net | bash` ## Alternative Install Methods -[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation: +[Piping to `bash` is controversial](https://pi-hole.net/2016/07/25/curling-and-piping-to-bash), as it prevents you from [reading code that is about to run](https://github.com/pi-hole/pi-hole/blob/master/automated%20install/basic-install.sh) on your system. Therefore, we provide these alternative installation methods which allow code review before installation: ### Method 1: Clone our repository and run ``` @@ -60,16 +60,21 @@ Make no mistake: **your support is absolutely vital to help keep us innovating!* ### Donations Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: - PP Donate via PayPal
BTC Bitcoin Address: 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL +- PP Donate via PayPal
+- BTC [Bitcoin](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL
+- BTC [Bitcoin Cash](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): qqh25hlmqaj99xraw00e47xmf8sysnyxhyww2d7dnh
+- BTC [Ethereum](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): 0xF00aF43d2431BAD585056492b310e48eC40D87e8 ### Alternative support -If you'd rather not donate (_which is okay!_), there are other ways you can help support us: +If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us: -- [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) affiliate link -- [Vultr](http://www.vultr.com/?ref=7190426) affiliate link -- [UNIXstickers.com](http://unixstickers.refr.cc/jacobs) affiliate link -- [Pi-hole Swag Store](https://pi-hole.net/shop/) +- [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_ +- [UNIXstickers.com](http://unixstickers.refr.cc/jacobs) _save $5 when you spend $9 using our affiliate link_ +- [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_ +- [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_ +- [Ho-ost](https://clients.ho-ost.com/aff.php?aff=19) _save 50% with our affiliate link_ +- [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_ +- [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_ - Spreading the word about our software, and how you have benefited from it ### Contributing via GitHub @@ -127,7 +132,7 @@ You can read our [Core Feature Breakdown](https://github.com/pi-hole/pi-hole/wik ### The Web Interface Dashboard This [optional dashboard](https://github.com/pi-hole/AdminLTE) allows you to view stats, change settings, and configure your Pi-hole. It's the power of the Command Line Interface, with none of the learning curve! -Pi-hole Dashboard +Pi-hole Dashboard Some notable features include: * Mobile friendly interface @@ -145,8 +150,8 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 2. `http:/pi.hole/admin/` (when using Pi-hole as your DNS server) 3. `http://pi.hole/` (when using Pi-hole as your DNS server) -## The Faster-Than-Light Engine -The [FTL Engine](https://github.com/pi-hole/FTL) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTL does this all *very quickly*! +## Faster-than-light Engine +The FTLDNS[™](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*! Some of the statistics you can integrate include: * Total number of domains being blocked @@ -194,6 +199,7 @@ While quite outdated at this point, [this original blog post about Pi-hole](http - [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) - [Pi-hole Droid: Android client](https://github.com/friimaind/pi-hole-droid) - [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper), see [#1400](https://github.com/pi-hole/pi-hole/issues/1400) +- [Pi-hole Visualizer](https://www.reddit.com/r/pihole/comments/82ikgb/pihole_visualizer_update/) ----- ## Coverage From 7159ecb632dc623b0cd854e0dd4e372464fb14c0 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Fri, 23 Mar 2018 00:11:21 -0500 Subject: [PATCH 029/277] reduce ping times for faster script completion Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b668af94..d2e8951b 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -592,7 +592,7 @@ ping_gateway() { # Try to quietly ping the gateway 3 times, with a timeout of 3 seconds, using numeric output only, # on the pihole interface, and tail the last three lines of the output # If pinging the gateway is not successful, - if ! ${cmd} -c 3 -W 2 -n ${gateway} -I ${PIHOLE_INTERFACE} >/dev/null; then + if ! ${cmd} -c 1 -W 2 -n ${gateway} -I ${PIHOLE_INTERFACE} >/dev/null; then # let the user know log_write "${CROSS} ${COL_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" # and return an error code @@ -613,7 +613,7 @@ ping_internet() { ping_ipv4_or_ipv6 "${protocol}" log_write "* Checking Internet connectivity via IPv${protocol}..." # Try to ping the address 3 times - if ! ${cmd} -W 2 -c 3 -n ${public_address} -I ${PIHOLE_INTERFACE} >/dev/null; then + if ! ${cmd} -c 1 -W 2 -n ${public_address} -I ${PIHOLE_INTERFACE} >/dev/null; then # if it's unsuccessful, show an error log_write "${CROSS} ${COL_RED}Cannot reach the Internet.${COL_NC}\n" return 1 From 51765b1f659a5fe5023bb0c2001ebce4ed8be861 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 23 Mar 2018 10:15:40 +0000 Subject: [PATCH 030/277] chown pihole log to pihole:pihole, rather than pihole:root Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a5d52309..c2e44843 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1323,7 +1323,7 @@ CreateLogFile() { # set the permissions, chmod 644 /var/log/pihole.log # and owners - chown pihole:root /var/log/pihole.log + chown pihole:pihole /var/log/pihole.log echo -e "${OVER} ${TICK} ${str}" # Otherwise, else From 238a56cac3a0ca958900e4e465ed97b5e326ff77 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 23 Mar 2018 10:53:22 +0000 Subject: [PATCH 031/277] Remove CreateLogFile function, as this is handled by the FTL service Signed-off-by: Adam Warner --- automated install/basic-install.sh | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c2e44843..01a1aff0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1311,27 +1311,6 @@ install_dependent_packages() { return 0 } -# Create logfiles if necessary -CreateLogFile() { - local str="Creating log and changing owner to pihole" - echo "" - echo -ne " ${INFO} ${str}..." - # If the pihole log does not exist, - if [[ ! -f "/var/log/pihole.log" ]]; then - # Make it, - touch /var/log/pihole.log - # set the permissions, - chmod 644 /var/log/pihole.log - # and owners - chown pihole:pihole /var/log/pihole.log - echo -e "${OVER} ${TICK} ${str}" - # Otherwise, - else - # the file should already exist - echo -e " ${COL_LIGHT_GREEN}log already exists!${COL_NC}" - fi -} - # Install the Web interface dashboard installPiholeWeb() { echo "" @@ -1577,8 +1556,6 @@ installPihole() { installScripts # configs, installConfigs - # and create the log file - CreateLogFile # If the user wants to install the dashboard, if [[ "${INSTALL_WEB}" == true ]]; then # do so @@ -1614,9 +1591,7 @@ updatePihole() { # Install base files and web interface installScripts # Install config files - installConfigs - # Create the log file - CreateLogFile + installConfigs # If the user wants to install the dasboard, if [[ "${INSTALL_WEB}" == true ]]; then # do so From d9d3caec22e597d0b12ad9006bc1b9576c52a19f Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Fri, 23 Mar 2018 06:56:40 -0500 Subject: [PATCH 032/277] new head tail function and get head tail of pihole-FTL.log instead of just head Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index d2e8951b..e1eb722b 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -958,7 +958,7 @@ list_files_in_dir() { "${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") make_array_from_file "${dir_to_parse}/${each_file}" 25 ;; # Same for the FTL log - "${PIHOLE_FTL_LOG}") make_array_from_file "${dir_to_parse}/${each_file}" 25 + "${PIHOLE_FTL_LOG}") head_tail_log "${dir_to_parse}/${each_file}" 35 ;; # parse the file into an array in case we ever need to analyze it line-by-line *) make_array_from_file "${dir_to_parse}/${each_file}"; @@ -991,6 +991,34 @@ show_content_of_pihole_files() { show_content_of_files_in_dir "${LOG_DIRECTORY}" } +head_tail_log() { + # The file being processed + local filename="${1}" + # The number of lines to use for head and tail + local qty="${2}" + local head_line + local tail_line + # Put the current Internal Field Separator into another variable so it can be restored later + OLD_IFS="$IFS" + # Get the lines that are in the file(s) and store them in an array for parsing later + IFS=$'\r\n' + local log_head=() + log_head=( $(head -n ${qty} ${filename}) ) + log_write " ${COL_CYAN}-----head of $(basename ${filename})------${COL_NC}" + for head_line in "${log_head[@]}"; do + log_write " ${head_line}" + done + log_write "" + local log_tail=() + log_tail=( $(tail -n ${qty} ${filename}) ) + log_write " ${COL_CYAN}-----tail of $(basename ${filename})------${COL_NC}" + for tail_line in "${log_tail[@]}"; do + log_write " ${tail_line}" + done + # Set the IFS back to what it was + IFS="$OLD_IFS" +} + analyze_gravity_list() { echo_current_diagnostic "Gravity list" local head_line From bfcbd72e4b021b458be3b45ac442f4350ac1603a Mon Sep 17 00:00:00 2001 From: "Leo MG Nesfield (LMGN)" Date: Fri, 23 Mar 2018 16:17:31 +0000 Subject: [PATCH 033/277] Link to the admin panel on the splash page. --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 999acebb..5aa9fbcb 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -64,7 +64,7 @@ if ($serverName === "pi.hole") { $viewPort -
Pi-hole: Your black hole for Internet advertisements +
Pi-hole: Your black hole for Internet advertisements
Did you mean to go to the admin panel? "; // Set splash/landing page based off presence of $landPage From fbab930cb19ca8a9c5f0afeadbb804f484837e77 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 23 Mar 2018 22:46:41 +0000 Subject: [PATCH 034/277] Allow install script to install FTL instead of the checkout script. Utilises the /etc/pihole/ftlbranch file. Signed-off-by: Adam Warner --- advanced/Scripts/piholeCheckout.sh | 45 +----------------------------- 1 file changed, 1 insertion(+), 44 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 21919ddf..81ea27b3 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -19,7 +19,6 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" # setupVars set in basic-install.sh source "${setupVars}" -update="false" coltable="/opt/pihole/COL_TABLE" source ${coltable} @@ -33,40 +32,6 @@ check_download_exists() { fi } -FTLinstall() { - # Download and install FTL binary - local binary - binary="${1}" - local path - path="${2}" - local str - str="Installing FTL" - echo -ne " ${INFO} ${str}..." - - if curl -sSL --fail "https://ftl.pi-hole.net/${path}" -o "/tmp/${binary}"; then - # Get sha1 of the binary we just downloaded for verification. - curl -sSL --fail "https://ftl.pi-hole.net/${path}.sha1" -o "/tmp/${binary}.sha1" - # Check if we just downloaded text, or a binary file. - cd /tmp || return 1 - if sha1sum --status --quiet -c "${binary}".sha1; then - echo -n "transferred... " - stop_service pihole-FTL &> /dev/null - install -T -m 0755 "/tmp/${binary}" "/usr/bin/pihole-FTL" - rm "/tmp/${binary}" "/tmp/${binary}.sha1" - start_service pihole-FTL &> /dev/null - echo -e "${OVER} ${TICK} ${str}" - return 0 - else - echo -e "${OVER} ${CROSS} ${str}" - echo -e " ${COL_LIGHT_RED}Error: Download of binary from ftl.pi-hole.net failed${COL_NC}" - return 1 - fi - else - echo -e "${OVER} ${CROSS} ${str}" - echo -e " ${COL_LIGHT_RED}Error: URL not found${COL_NC}" - fi -} - get_binary_name() { local machine machine=$(uname -m) @@ -176,11 +141,6 @@ checkout_pull_branch() { git checkout "${branch}" --quiet || return 1 echo -e "${OVER} ${TICK} $str" - - if [[ "$(git diff "${oldbranch}" | grep -c "^")" -gt "0" ]]; then - update="true" - fi - git_pull=$(git pull || return 1) if [[ "$git_pull" == *"up-to-date"* ]]; then @@ -257,7 +217,6 @@ checkout() { local path path="development/${binary}" echo "development" > /etc/pihole/ftlbranch - FTLinstall "${binary}" "${path}" elif [[ "${1}" == "master" ]] ; then # Shortcut to check out master branches echo -e " ${INFO} Shortcut \"master\" detected - checking out master branches..." @@ -272,7 +231,6 @@ checkout() { local path path="master/${binary}" echo "master" > /etc/pihole/ftlbranch - FTLinstall "${binary}" "${path}" elif [[ "${1}" == "core" ]] ; then str="Fetching branches from ${piholeGitUrl}" echo -ne " ${INFO} $str" @@ -335,7 +293,6 @@ checkout() { if check_download_exists "$path"; then echo " ${TICK} Branch ${2} exists" echo "${2}" > /etc/pihole/ftlbranch - FTLinstall "${binary}" "${path}" else echo " ${CROSS} Requested branch \"${2}\" is not available" ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep 'heads' | sed 's/refs\/heads\///;s/ //g' | awk '{print $2}') ) @@ -350,7 +307,7 @@ checkout() { fi # Force updating everything - if [[ ( ! "${1}" == "web" && ! "${1}" == "ftl" ) && "${update}" == "true" ]]; then + if [[ ! "${1}" == "web" ]]; then echo -e " ${INFO} Running installer to upgrade your installation" if "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" --unattended; then exit 0 From 295ac49f838ee295cf5da6a7f69ea09e23b69424 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 25 Mar 2018 09:58:22 +0200 Subject: [PATCH 035/277] Add capability CAP_NET_RAW to allow pihole-FTL to use RAW sockets for being able to create an ICMPv6 socket for IPv6 handling in the DHCP service Signed-off-by: DL6ER --- advanced/pihole-FTL.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index 70d0b9d0..ef8ee9c2 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -34,7 +34,7 @@ start() { chown pihole:pihole /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases /var/log/pihole.log chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log - setcap CAP_NET_BIND_SERVICE,CAP_NET_ADMIN+eip "$(which pihole-FTL)" + setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)" echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER" echo From 143e75d213a0cbcf9b2f179fe4e4a095c248c8e1 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sun, 25 Mar 2018 09:39:29 -0500 Subject: [PATCH 036/277] fix empty ports on some systems Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b668af94..633fb7a9 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -652,7 +652,7 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( lsof -i -P -n | awk -F' ' '/LISTEN/ {print $9, $1}' | sort -n | uniq | cut -d':' -f2 ) + done < <( lsof -i -P -n | awk -F' ' '/LISTEN/ {print $1, $9}' | sort -n | tr -d '[*]\r' | uniq | awk '{print $2, $1}' ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do From 68c27eb2a19fcaec9895245294875796675c77f0 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sun, 25 Mar 2018 21:27:40 -0500 Subject: [PATCH 037/277] add label to x-header so you know which one is being evaluated Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index b668af94..a16457a0 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -712,20 +712,20 @@ check_x_headers() { # If the X-header found by curl matches what is should be, if [[ $block_page == "$block_page_working" ]]; then # display a success message - log_write "$TICK ${COL_GREEN}${block_page}${COL_NC}" + log_write "$TICK Block page X-Header: ${COL_GREEN}${block_page}${COL_NC}" else # Otherwise, show an error - log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "$CROSS Block page X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" log_write "${COL_RED}${full_curl_output_block_page}${COL_NC}" fi # Same logic applies to the dashbord as above, if the X-Header matches what a working system shoud have, if [[ $dashboard == "$dashboard_working" ]]; then # then we can show a success - log_write "$TICK ${COL_GREEN}${dashboard}${COL_NC}" + log_write "$TICK Web interface X-Header: ${COL_GREEN}${dashboard}${COL_NC}" else # Othewise, it's a failure since the X-Headers either don't exist or have been modified in some way - log_write "$CROSS ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" + log_write "$CROSS Web interface X-Header: ${COL_RED}X-Header does not match or could not be retrieved.${COL_NC}" log_write "${COL_RED}${full_curl_output_dashboard}${COL_NC}" fi } From 37e8a91d5bdfce3f6fff43f471fb265e4f68c510 Mon Sep 17 00:00:00 2001 From: Dillon Flamand Date: Sun, 25 Mar 2018 21:59:35 -0700 Subject: [PATCH 038/277] Remove dead link from CONTRIBUTING.md Removed a link to a github repo that no longer exists. Signed-off-by: D. Flamand --- CONTRIBUTING.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 2b7fae5d..e32b500e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,5 +1,3 @@ -_This template was created based on the work of [`udemy-dl`](https://github.com/nishad/udemy-dl/blob/master/LICENSE)._ - # Contributors Guide Please read and understand the contribution guide before creating an issue or pull request. From 3390fbf238924218fb94bab07c8a8492eb4a2ab1 Mon Sep 17 00:00:00 2001 From: Perflyst Date: Tue, 27 Mar 2018 12:17:44 +0200 Subject: [PATCH 039/277] Add RaspberryPi 3B+ Signed-off-by: Perflyst --- advanced/Scripts/chronometer.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/chronometer.sh b/advanced/Scripts/chronometer.sh index 13d743a8..4bc090f2 100755 --- a/advanced/Scripts/chronometer.sh +++ b/advanced/Scripts/chronometer.sh @@ -179,6 +179,7 @@ get_init_stats() { 90009[2-3]|920093) sys_model=" Zero";; # 512MB 9000c1) sys_model=" Zero W";; # 512MB a02082|a[2-3]2082) sys_model=" 3, Model B";; # 1GB + a020d3) sys_model=" 3, Model B+";; # 1GB *) sys_model="";; esac sys_type="Raspberry Pi$sys_model" From ff47ab12fbc8bc9164c4c75d92f4cfba94d202d2 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 30 Mar 2018 21:01:51 +0200 Subject: [PATCH 040/277] Save number of effectively blocked domains in /etc/pihole/numBlocked Signed-off-by: DL6ER --- gravity.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gravity.sh b/gravity.sh index 88ba8bb0..5806dea7 100755 --- a/gravity.sh +++ b/gravity.sh @@ -510,9 +510,11 @@ gravity_ParseBlacklistDomains() { if [[ -f "${piholeDir}/${whitelistMatter}" ]]; then gravity_ParseDomainsIntoHosts "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" + grep -c "^" "${piholeDir}/${whitelistMatter}" > "${piholeDir}/numBlocked" 2> /dev/null else # There was no whitelist file, so use preEventHorizon instead of whitelistMatter. gravity_ParseDomainsIntoHosts "${piholeDir}/${preEventHorizon}" "${piholeDir}/${accretionDisc}" + grep -c "^" "${piholeDir}/${preEventHorizon}" > "${piholeDir}/numBlocked" 2> /dev/null fi # Move the file over as /etc/pihole/gravity.list so dnsmasq can use it From c3f391dc5ac45209f8e963f681bea8787657fbf9 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 31 Mar 2018 14:08:48 -0500 Subject: [PATCH 041/277] maybe fixes #2028 by deleting null bytes Signed-off-by: Jacob Salmela --- gravity.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index 395ea548..b040b69b 100755 --- a/gravity.sh +++ b/gravity.sh @@ -384,7 +384,7 @@ gravity_ConsolidateDownloadedBlocklists() { tr -d '\r' < "${i}" | tr '[:upper:]' '[:lower:]' >> "${piholeDir}/${matterAndLight}" # Ensure that the first line of a new list is on a new line - lastLine=$(tail -1 "${piholeDir}/${matterAndLight}") + lastLine=$(tail -1 "${piholeDir}/${matterAndLight}" | tr -d '\0') if [[ "${#lastLine}" -gt 0 ]]; then echo "" >> "${piholeDir}/${matterAndLight}" fi @@ -505,7 +505,7 @@ gravity_ParseBlacklistDomains() { # Empty $accretionDisc if it already exists, otherwise, create it : > "${piholeDir}/${accretionDisc}" - + if [[ -f "${piholeDir}/${whitelistMatter}" ]]; then gravity_ParseDomainsIntoHosts "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" else From 187848660c15243802942b05c78dd572b3054d28 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 31 Mar 2018 16:12:29 -0500 Subject: [PATCH 042/277] try another fix for #2028 Signed-off-by: Jacob Salmela --- gravity.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index b040b69b..677f1956 100755 --- a/gravity.sh +++ b/gravity.sh @@ -382,9 +382,8 @@ gravity_ConsolidateDownloadedBlocklists() { if [[ -r "${i}" ]]; then # Remove windows CRs from file, convert list to lower case, and append into $matterAndLight tr -d '\r' < "${i}" | tr '[:upper:]' '[:lower:]' >> "${piholeDir}/${matterAndLight}" - # Ensure that the first line of a new list is on a new line - lastLine=$(tail -1 "${piholeDir}/${matterAndLight}" | tr -d '\0') + IFS= read -r -d '' lastLine <"${piholeDir}/${matterAndLight}" || [[ $lastLine ]] if [[ "${#lastLine}" -gt 0 ]]; then echo "" >> "${piholeDir}/${matterAndLight}" fi From 1a275ba18458363f66da62ff6ab0481cf472e3a7 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sun, 1 Apr 2018 06:40:48 -0500 Subject: [PATCH 043/277] debug user locale; improve function to parse variables and files Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index a16457a0..33114794 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -493,6 +493,12 @@ parse_setup_vars() { fi } +parse_locale() { + echo_current_diagnostic "Locale" + local pihole_locale="$(locale)" + parse_file "${pihole_locale}" +} + does_ip_match_setup_vars() { # Check for IPv4 or 6 local protocol="${1}" @@ -879,8 +885,11 @@ parse_file() { # Put the current Internal Field Separator into another variable so it can be restored later OLD_IFS="$IFS" # Get the lines that are in the file(s) and store them in an array for parsing later - IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )' - + if [[ -f "$filename" ]]; then + IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )' + else + read -a file_info <<< $filename + fi # Set a named variable for better readability local file_lines # For each line in the file, @@ -1165,6 +1174,7 @@ parse_setup_vars check_x_headers analyze_gravity_list show_content_of_pihole_files +parse_locale analyze_pihole_log copy_to_debug_log upload_to_tricorder From a8b493cb7dcfa6a0dfc7904c74966f65f9b802d4 Mon Sep 17 00:00:00 2001 From: Everett Southwick Date: Sun, 1 Apr 2018 17:59:08 -0500 Subject: [PATCH 044/277] Add support for public Cloudflare DNS servers. Signed-off-by: Everett Southwick --- automated install/basic-install.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 59b1c8a3..b25cf272 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -772,6 +772,7 @@ setDNS() { DNSWatch "" Quad9 "" FamilyShield "" + Cloudflare "" Custom "") # In a whiptail dialog, show the options DNSchoices=$(whiptail --separate-output --menu "Select Upstream DNS Provider. To use your own, select Custom." ${r} ${c} 7 \ @@ -823,6 +824,11 @@ setDNS() { PIHOLE_DNS_1="208.67.222.123" PIHOLE_DNS_2="208.67.220.123" ;; + Cloudflare) + echo "Cloudflare servers" + PIHOLE_DNS_1="1.1.1.1" + PIHOLE_DNS_2="1.0.0.1" + ;; Custom) # Until the DNS settings are selected, until [[ "${DNSSettingsCorrect}" = True ]]; do From b1d6c0319091c22ee7a39ffd6e258dc3e09aff07 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 2 Apr 2018 21:53:32 +0100 Subject: [PATCH 045/277] Break out binary name funtion to it's own function Remove duplicate code. get_binary_name is now in the install script Add some "version" checking to ftl download when using an alt branch, uses checksum Greatly simplify update process. Source pihole-FTL version checker from basic-install.sh Always run install script to finalise changes. Install script now outputs versions after an update (This is a Squash of previous work into one commit) Signed-off-by: Adam Warner --- advanced/Scripts/piholeCheckout.sh | 49 ------------ advanced/Scripts/update.sh | 117 ++++++++--------------------- automated install/basic-install.sh | 68 ++++++++++++----- gravity.sh | 2 + 4 files changed, 80 insertions(+), 156 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 81ea27b3..7b189bcc 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -32,55 +32,6 @@ check_download_exists() { fi } -get_binary_name() { - local machine - machine=$(uname -m) - - local str - str="Detecting architecture" - echo -ne " ${INFO} ${str}..." - if [[ "${machine}" == "arm"* || "${machine}" == *"aarch"* ]]; then - # ARM - local rev - rev=$(uname -m | sed "s/[^0-9]//g;") - local lib - lib=$(ldd /bin/ls | grep -E '^\s*/lib' | awk '{ print $1 }') - if [[ "${lib}" == "/lib/ld-linux-aarch64.so.1" ]]; then - echo -e "${OVER} ${TICK} Detected ARM-aarch64 architecture" - binary="pihole-FTL-aarch64-linux-gnu" - elif [[ "${lib}" == "/lib/ld-linux-armhf.so.3" ]]; then - if [[ "$rev" -gt "6" ]]; then - echo -e "${OVER} ${TICK} Detected ARM-hf architecture (armv7+)" - binary="pihole-FTL-arm-linux-gnueabihf" - else - echo -e "${OVER} ${TICK} Detected ARM-hf architecture (armv6 or lower) Using ARM binary" - binary="pihole-FTL-arm-linux-gnueabi" - fi - else - echo -e "${OVER} ${TICK} Detected ARM architecture" - binary="pihole-FTL-arm-linux-gnueabi" - fi - elif [[ "${machine}" == "ppc" ]]; then - # PowerPC - echo -e "${OVER} ${TICK} Detected PowerPC architecture" - binary="pihole-FTL-powerpc-linux-gnu" - elif [[ "${machine}" == "x86_64" ]]; then - # 64bit - echo -e "${OVER} ${TICK} Detected x86_64 architecture" - binary="pihole-FTL-linux-x86_64" - else - # Something else - we try to use 32bit executable and warn the user - if [[ ! "${machine}" == "i686" ]]; then - echo -e "${OVER} ${CROSS} ${str}... - ${COL_LIGHT_RED}Not able to detect architecture (unknown: ${machine}), trying 32bit executable - Contact support if you experience issues (e.g: FTL not running)${COL_NC}" - else - echo -e "${OVER} ${TICK} Detected 32bit (i686) architecture" - fi - binary="pihole-FTL-linux-x86_32" - fi -} - fully_fetch_repo() { # Add upstream branches to shallow clone local directory="${1}" diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index a4ada4c8..ee168fc4 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -77,24 +77,18 @@ GitCheckUpdateAvail() { fi } -FTLcheckUpdate() { - local FTLversion - FTLversion=$(/usr/bin/pihole-FTL tag) - local FTLlatesttag - FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n') - - if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then - return 0 - else - return 1 - fi -} - main() { local pihole_version_current local web_version_current local basicError="\\n ${COL_LIGHT_RED}Unable to complete update, please contact Pi-hole Support${COL_NC}" - + local core_update + local web_update + local FTL_update + + core_update=false + web_update=false + FTL_update=false + # shellcheck disable=1090,2154 source "${setupVars}" @@ -115,7 +109,9 @@ main() { echo -e " ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - if FTLcheckUpdate ; then + get_binary_name > /dev/null # Needed so that we have the correct binary name for the FTL Update check function + + if FTLcheckUpdate > /dev/null; then # Function is in sourced basic-install.sh FTL_update=true echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" else @@ -123,16 +119,6 @@ main() { echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - # Logic: Don't update FTL when there is a core update available - # since the core update will run the installer which will itself - # re-install (i.e. update) FTL - if ${FTL_update} && ! ${core_update}; then - echo "" - echo -e " ${INFO} FTL out of date" - FTLdetect - echo "" - fi - if [[ "${INSTALL_WEB}" == true ]]; then if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then echo -e "\\n ${COL_LIGHT_RED}Error: Web Admin repo is missing from system! @@ -147,80 +133,37 @@ main() { web_update=false echo -e " ${INFO} Web Interface:\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - - # Logic - # If Core up to date AND web up to date: - # Do nothing - # If Core up to date AND web NOT up to date: - # Pull web repo - # If Core NOT up to date AND web up to date: - # pull pihole repo, run install --unattended -- reconfigure - # if Core NOT up to date AND web NOT up to date: - # pull pihole repo run install --unattended - - if ! ${core_update} && ! ${web_update} ; then - if ! ${FTL_update} ; then - echo "" - echo -e " ${TICK} Everything is up to date!" - exit 0 - fi - elif ! ${core_update} && ${web_update} ; then - echo "" - echo -e " ${INFO} Pi-hole Web Admin files out of date" - getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}" - elif ${core_update} && ! ${web_update} ; then - echo "" - echo -e " ${INFO} Pi-hole core files out of date" - getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" - ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \ - echo -e "${basicError}" && exit 1 - elif ${core_update} && ${web_update} ; then - echo "" - echo -e " ${INFO} Updating Pi-hole core and web admin files" - getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" - ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --unattended || \ - echo -e "${basicError}" && exit 1 - else - echo -e " ${COL_LIGHT_RED}Update script has malfunctioned, please contact Pi-hole Support${COL_NC}" - exit 1 - fi - else # Web Admin not installed, so only verify if core is up to date - if ! ${core_update}; then - if ! ${FTL_update} ; then - echo "" - echo -e " ${INFO} Everything is up to date!" - exit 0 - fi - else - echo "" - echo -e " ${INFO} Pi-hole Core files out of date" - getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" - ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \ - echo -e "${basicError}" && exit 1 - fi fi - if [[ "${web_update}" == true ]]; then - web_version_current="$(/usr/local/bin/pihole version --admin --current)" + if [[ "${core_update}" == false && "${web_update}" == false && "${FTL_update}" == false ]]; then echo "" - echo -e " ${INFO} Web Admin version is now at ${web_version_current/* v/v} - ${INFO} If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'" + echo -e " ${TICK} Everything is up to date!" + exit 0 fi if [[ "${core_update}" == true ]]; then - pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)" echo "" - echo -e " ${INFO} Pi-hole version is now at ${pihole_version_current/* v/v} - ${INFO} If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'" + echo -e " ${INFO} Pi-hole core files out of date, updating local repo." + getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}" + echo -e " ${INFO} If you had made any changes in '/etc/.pihole/', they have been stashed using 'git stash'" + fi + + if [[ "${web_update}" == true ]]; then + echo "" + echo -e " ${INFO} Pi-hole Web Admin files out of date, updating local repo." + getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}" + echo -e " ${INFO} If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'" fi if [[ "${FTL_update}" == true ]]; then - FTL_version_current="$(/usr/bin/pihole-FTL tag)" - echo -e "\\n ${INFO} FTL version is now at ${FTL_version_current/* v/v}" - start_service pihole-FTL - enable_service pihole-FTL + echo "" + echo -e " ${INFO} FTL out of date, it will be updated by the installer." fi + if [[ "${FTL_update}" == true || "${core_update}" == true || "${web_update}" == true ]]; then + ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \ + echo -e "${basicError}" && exit 1 + fi echo "" exit 0 } diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 01a1aff0..d9c4b8f9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1828,15 +1828,9 @@ FTLinstall() { fi } -# Detect suitable FTL binary platform -FTLdetect() { - echo "" - echo -e " ${INFO} FTL Checks..." - - # Local, named variables +get_binary_name() { +# Local, named variables local machine - local binary - # Store architecture in a variable machine=$(uname -m) @@ -1895,11 +1889,10 @@ FTLdetect() { fi binary="pihole-FTL-linux-x86_32" fi +} - #In the next section we check to see if FTL is already installed (in case of pihole -r). - #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download - echo -e " ${INFO} Checking for existing FTL binary..." - +FTLcheckUpdate() +{ local ftlLoc=$(which pihole-FTL 2>/dev/null) local ftlBranch @@ -1910,8 +1903,26 @@ FTLdetect() { ftlBranch="master" fi + local remoteSha1 + local localSha1 + if [[ ! "${ftlBranch}" == "master" ]]; then - FTLinstall "${binary}" || return 1 + if [[ ${ftlLoc} ]]; then + # We already have a pihole-FTL binary downloaded. + # Alt branches don't have a tagged version against them, so just confirm the checksum of the local vs remote to decide whether we download or not + remoteSha1=$(curl -sSL --fail "https://ftl.pi-hole.net/${ftlBranch}/${binary}.sha1" | cut -d ' ' -f 1) + localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) + + if [[ "${remoteSha1}" != "${localSha1}" ]]; then + echo -e " ${INFO} Checksums do not match, downloading from ftl.pi-hole.net." + return 0 + else + echo -e " ${INFO} Checksum of installed binary matches remote. No need to download!" + return 1 + fi + else + return 0 + fi else if [[ ${ftlLoc} ]]; then local FTLversion @@ -1920,28 +1931,41 @@ FTLdetect() { FTLlatesttag=$(curl -sI https://github.com/pi-hole/FTL/releases/latest | grep 'Location' | awk -F '/' '{print $NF}' | tr -d '\r\n') if [[ "${FTLversion}" != "${FTLlatesttag}" ]]; then - # Install FTL - FTLinstall "${binary}" || return 1 + return 0 else echo -e " ${INFO} Latest FTL Binary already installed (${FTLlatesttag}). Confirming Checksum..." - local remoteSha1 remoteSha1=$(curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${FTLversion%$'\r'}/${binary}.sha1" | cut -d ' ' -f 1) - local localSha1 localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) if [[ "${remoteSha1}" != "${localSha1}" ]]; then echo -e " ${INFO} Corruption detected..." - FTLinstall "${binary}" || return 1 + return 0 else echo -e " ${INFO} Checksum correct. No need to download!" + return 1 fi fi else - # Install FTL - FTLinstall "${binary}" || return 1 + return 0 fi fi +} + +# Detect suitable FTL binary platform +FTLdetect() { + echo "" + echo -e " ${INFO} FTL Checks..." + + get_binary_name + + #In the next section we check to see if FTL is already installed (in case of pihole -r). + #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download + echo -e " ${INFO} Checking for existing FTL binary..." + if FTLcheckUpdate ; then + FTLinstall "${binary}" || return 1 + fi + echo "" } @@ -2225,6 +2249,10 @@ main() { echo -e "\\n ${INFO} The install log is located at: ${installLogLoc} ${COL_LIGHT_GREEN}${INSTALL_TYPE} Complete! ${COL_NC}" + if [[ "${INSTALL_TYPE}" == "Update" ]]; then + echo "" + /usr/local/bin/pihole version --current + fi } # diff --git a/gravity.sh b/gravity.sh index 88ba8bb0..5806dea7 100755 --- a/gravity.sh +++ b/gravity.sh @@ -510,9 +510,11 @@ gravity_ParseBlacklistDomains() { if [[ -f "${piholeDir}/${whitelistMatter}" ]]; then gravity_ParseDomainsIntoHosts "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" + grep -c "^" "${piholeDir}/${whitelistMatter}" > "${piholeDir}/numBlocked" 2> /dev/null else # There was no whitelist file, so use preEventHorizon instead of whitelistMatter. gravity_ParseDomainsIntoHosts "${piholeDir}/${preEventHorizon}" "${piholeDir}/${accretionDisc}" + grep -c "^" "${piholeDir}/${preEventHorizon}" > "${piholeDir}/numBlocked" 2> /dev/null fi # Move the file over as /etc/pihole/gravity.list so dnsmasq can use it From 56278c6394b5954245c66a76c3a6fd5158b0ac5e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 2 Apr 2018 22:06:36 +0100 Subject: [PATCH 046/277] Fix shellcheck complaints Signed-off-by: Adam Warner --- advanced/Scripts/update.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index ee168fc4..d80edca2 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -28,9 +28,12 @@ source "/opt/pihole/COL_TABLE" # make_repo() sourced from basic-install.sh # update_repo() source from basic-install.sh # getGitFiles() sourced from basic-install.sh +# get_binary_name() sourced from basic-install.sh +# FTLcheckUpdate() sourced from basic-install.sh GitCheckUpdateAvail() { - local directory="${1}" + local directory + directory="${1}" curdir=$PWD cd "${directory}" || return @@ -78,8 +81,6 @@ GitCheckUpdateAvail() { } main() { - local pihole_version_current - local web_version_current local basicError="\\n ${COL_LIGHT_RED}Unable to complete update, please contact Pi-hole Support${COL_NC}" local core_update local web_update @@ -111,7 +112,7 @@ main() { get_binary_name > /dev/null # Needed so that we have the correct binary name for the FTL Update check function - if FTLcheckUpdate > /dev/null; then # Function is in sourced basic-install.sh + if FTLcheckUpdate > /dev/null; then FTL_update=true echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" else From f37b2bc7c18abfdfff802fa6dc45b3d259f39654 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 2 Apr 2018 23:22:06 +0100 Subject: [PATCH 047/277] move call to `get_binary_name` into `FTLcheckUpdate()` to avoid having to run that first Signed-off-by: Adam Warner --- advanced/Scripts/update.sh | 2 -- automated install/basic-install.sh | 14 ++++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index d80edca2..0f9f9783 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -110,8 +110,6 @@ main() { echo -e " ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - get_binary_name > /dev/null # Needed so that we have the correct binary name for the FTL Update check function - if FTLcheckUpdate > /dev/null; then FTL_update=true echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d9c4b8f9..8ade6796 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1893,7 +1893,14 @@ get_binary_name() { FTLcheckUpdate() { - local ftlLoc=$(which pihole-FTL 2>/dev/null) + get_binary_name + + #In the next section we check to see if FTL is already installed (in case of pihole -r). + #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download + echo -e " ${INFO} Checking for existing FTL binary..." + + local ftlLoc + ftlLoc=$(which pihole-FTL 2>/dev/null) local ftlBranch @@ -1957,11 +1964,6 @@ FTLdetect() { echo "" echo -e " ${INFO} FTL Checks..." - get_binary_name - - #In the next section we check to see if FTL is already installed (in case of pihole -r). - #If the installed version matches the latest version, then check the installed sha1sum of the binary vs the remote sha1sum. If they do not match, then download - echo -e " ${INFO} Checking for existing FTL binary..." if FTLcheckUpdate ; then FTLinstall "${binary}" || return 1 fi From 4941e0f8ad507e0b720b1a0cf13c5b66985043eb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 4 Apr 2018 13:12:39 +0200 Subject: [PATCH 048/277] Backend changes needed to be able to set the privacy level Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 5eb35e97..3116f878 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -13,6 +13,7 @@ readonly setupVars="/etc/pihole/setupVars.conf" readonly dnsmasqconfig="/etc/dnsmasq.d/01-pihole.conf" readonly dhcpconfig="/etc/dnsmasq.d/02-pihole-dhcp.conf" +readonly FTLconf="/etc/pihole/pihole-FTL.conf" # 03 -> wildcards readonly dhcpstaticconfig="/etc/dnsmasq.d/04-pihole-static-dhcp.conf" @@ -52,6 +53,19 @@ change_setting() { add_setting "${1}" "${2}" } +addFTLsetting() { + echo "${1}=${2}" >> "${FTLconf}" +} + +deleteFTLsetting() { + sed -i "/${1}/d" "${FTLconf}" +} + +changeFTLsetting() { + deleteFTLsetting "${1}" + addFTLsetting "${1}" "${2}" +} + add_dnsmasq_setting() { if [[ "${2}" != "" ]]; then echo "${1}=${2}" >> "${dnsmasqconfig}" @@ -505,6 +519,13 @@ audit() echo "${args[2]}" >> /etc/pihole/auditlog.list } +SetPrivacyLevel() { + # Set privacy level. Minimum is 0, maximum is 3 + if [ "${args[2]}" -ge 0 ] && [ "${args[2]}" -le 3 ]; then + changeFTLsetting "PRIVACYLEVEL" "${args[2]}" + fi +} + main() { args=("$@") @@ -534,6 +555,7 @@ main() { "-t" | "teleporter" ) Teleporter;; "adlist" ) CustomizeAdLists;; "audit" ) audit;; + "privacylevel" ) SetPrivacyLevel;; * ) helpFunc;; esac From 631f5b484846e8b2ecfd5cd6a4527e4617e672be Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Wed, 4 Apr 2018 16:34:31 +0100 Subject: [PATCH 049/277] Change order of updatable components to match the end output Signed-off-by: Adam Warner --- advanced/Scripts/update.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 0f9f9783..9dbdb680 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -110,14 +110,6 @@ main() { echo -e " ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - if FTLcheckUpdate > /dev/null; then - FTL_update=true - echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" - else - FTL_update=false - echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" - fi - if [[ "${INSTALL_WEB}" == true ]]; then if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then echo -e "\\n ${COL_LIGHT_RED}Error: Web Admin repo is missing from system! @@ -134,6 +126,14 @@ main() { fi fi + if FTLcheckUpdate > /dev/null; then + FTL_update=true + echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" + else + FTL_update=false + echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" + fi + if [[ "${core_update}" == false && "${web_update}" == false && "${FTL_update}" == false ]]; then echo "" echo -e " ${TICK} Everything is up to date!" From 6086614274eac0ccd2704a12c37abd7b8685dbeb Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 4 Apr 2018 18:10:23 +0200 Subject: [PATCH 050/277] Add "-l, privacylevel" description to "pihole -a" Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 56 ++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 3116f878..ce6c34d2 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -36,7 +36,7 @@ Options: -e, email Set an administrative contact address for the Block Page -h, --help Show this help dialog -i, interface Specify dnsmasq's interface listening behavior - Add '-h' for more info on interface usage" + -l, privacylevel Set privacy level (0 = lowest, 3 = highest)" exit 0 } @@ -530,33 +530,33 @@ main() { args=("$@") case "${args[1]}" in - "-p" | "password" ) SetWebPassword;; - "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; - "-f" | "fahrenheit" ) unit="F"; SetTemperatureUnit;; - "-k" | "kelvin" ) unit="K"; SetTemperatureUnit;; - "setdns" ) SetDNSServers;; - "setexcludedomains" ) SetExcludeDomains;; - "setexcludeclients" ) SetExcludeClients;; - "poweroff" ) Poweroff;; - "reboot" ) Reboot;; - "restartdns" ) RestartDNS;; - "setquerylog" ) SetQueryLogOptions;; - "enabledhcp" ) EnableDHCP;; - "disabledhcp" ) DisableDHCP;; - "layout" ) SetWebUILayout;; - "-h" | "--help" ) helpFunc;; - "privacymode" ) SetPrivacyMode;; - "resolve" ) ResolutionSettings;; - "addstaticdhcp" ) AddDHCPStaticAddress;; - "removestaticdhcp" ) RemoveDHCPStaticAddress;; - "-r" | "hostrecord" ) SetHostRecord "$3";; - "-e" | "email" ) SetAdminEmail "$3";; - "-i" | "interface" ) SetListeningMode "$@";; - "-t" | "teleporter" ) Teleporter;; - "adlist" ) CustomizeAdLists;; - "audit" ) audit;; - "privacylevel" ) SetPrivacyLevel;; - * ) helpFunc;; + "-p" | "password" ) SetWebPassword;; + "-c" | "celsius" ) unit="C"; SetTemperatureUnit;; + "-f" | "fahrenheit" ) unit="F"; SetTemperatureUnit;; + "-k" | "kelvin" ) unit="K"; SetTemperatureUnit;; + "setdns" ) SetDNSServers;; + "setexcludedomains" ) SetExcludeDomains;; + "setexcludeclients" ) SetExcludeClients;; + "poweroff" ) Poweroff;; + "reboot" ) Reboot;; + "restartdns" ) RestartDNS;; + "setquerylog" ) SetQueryLogOptions;; + "enabledhcp" ) EnableDHCP;; + "disabledhcp" ) DisableDHCP;; + "layout" ) SetWebUILayout;; + "-h" | "--help" ) helpFunc;; + "privacymode" ) SetPrivacyMode;; + "resolve" ) ResolutionSettings;; + "addstaticdhcp" ) AddDHCPStaticAddress;; + "removestaticdhcp" ) RemoveDHCPStaticAddress;; + "-r" | "hostrecord" ) SetHostRecord "$3";; + "-e" | "email" ) SetAdminEmail "$3";; + "-i" | "interface" ) SetListeningMode "$@";; + "-t" | "teleporter" ) Teleporter;; + "adlist" ) CustomizeAdLists;; + "audit" ) audit;; + "-l" | "privacylevel" ) SetPrivacyLevel;; + * ) helpFunc;; esac shift From 7361d5d3ea37b9baa718c7fd1d0e4577feb85bb1 Mon Sep 17 00:00:00 2001 From: Razvan Radu Date: Thu, 5 Apr 2018 11:09:07 -0600 Subject: [PATCH 051/277] Update pihole lolcahost probe for DNS status Signed-off-by: Razvan Radu --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index 4421cb87..566a0ce4 100755 --- a/pihole +++ b/pihole @@ -476,7 +476,7 @@ statusFunc() { local addnConfigs # Determine if service is running on port 53 (Cr: https://superuser.com/a/806331) - if (echo > /dev/tcp/localhost/53) >/dev/null 2>&1; then + if (echo > /dev/tcp/127.0.0.1/53) >/dev/null 2>&1; then if [[ "${1}" != "web" ]]; then echo -e " ${TICK} DNS service is running" fi From 82d5afe9961a7964bc22e70f44ec8fdd504fa855 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 5 Apr 2018 22:28:55 +0200 Subject: [PATCH 052/277] Silence error in log flush subroutine when no pihole-FTL.conf can be found Signed-off-by: DL6ER --- advanced/Scripts/piholeLogFlush.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 5fd9832e..0bc998ac 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -16,7 +16,7 @@ source ${colfile} # Constructed to return nothing when # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") -DBFILE="$(sed -n -e 's/^\s^.DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf)" +DBFILE="$(sed -n -e 's/^\s^.DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf 2> /dev/null)" # Test for empty string. Use standard path in this case. if [ -z "$DBFILE" ]; then DBFILE="/etc/pihole/pihole-FTL.db" From 250b445eeee8691d9b5a3bfee30f48d46e87853f Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Tue, 10 Apr 2018 21:37:04 -0700 Subject: [PATCH 053/277] Split declaration and population for stickler. Signed-off-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 33114794..f34b8646 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -494,8 +494,9 @@ parse_setup_vars() { } parse_locale() { + local pihole_locale echo_current_diagnostic "Locale" - local pihole_locale="$(locale)" + pihole_locale="$(locale)" parse_file "${pihole_locale}" } From 952f1271b4a84808e454e1bd3431a5ba52bb42e4 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Wed, 11 Apr 2018 10:13:09 -0700 Subject: [PATCH 054/277] Do not require DCO for Pi-hole Org members with GPG signed commits. Signed-off-by: Dan Schaper --- .github/dco.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .github/dco.yml diff --git a/.github/dco.yml b/.github/dco.yml new file mode 100644 index 00000000..0c4b142e --- /dev/null +++ b/.github/dco.yml @@ -0,0 +1,2 @@ +require: + members: false From 5ffc3561eda57963e5b88b74816184869574f66e Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Wed, 11 Apr 2018 20:35:51 -0500 Subject: [PATCH 055/277] implement dschapers suggestions--better command, less subshells, and finer formatting Signed-off-by: Jacob Salmela --- advanced/Scripts/piholeDebug.sh | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 633fb7a9..44e71a25 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -652,15 +652,22 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( lsof -i -P -n | awk -F' ' '/LISTEN/ {print $1, $9}' | sort -n | tr -d '[*]\r' | uniq | awk '{print $2, $1}' ) + done < <( lsof -iTCP -sTCP:LISTEN -P -n +c 10 ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do # loop through them and assign some local variables - local port_number - port_number="$(echo "${ports_in_use[$i]}" | awk '{print $1}')" local service_name - service_name=$(echo "${ports_in_use[$i]}" | awk '{print $2}') + service_name=$(echo "${ports_in_use[$i]}" | awk '{print $1}') + local protocol_type + protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $5}') + local port_number + port_number="$(echo "${ports_in_use[$i]}" | awk '{print $9}')" + + # Skip the line if it's the titles of the columns the lsof command produces + if [[ "${service_name}" == COMMAND ]]; then + continue + fi # Use a case statement to determine if the right services are using the right ports case "${port_number}" in 53) compare_port_to_service_assigned "${resolver}" @@ -670,7 +677,7 @@ check_required_ports() { 4711) compare_port_to_service_assigned "${ftl}" ;; # If it's not a default port that Pi-hole needs, just print it out for the user to see - *) log_write "[${port_number}] is in use by ${service_name}"; + *) log_write "${port_number} ${service_name} (${protocol_type})"; esac done } From 284f9e3f2f9141e2a7a16b252abd447217b824d6 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Wed, 11 Apr 2018 20:38:56 -0500 Subject: [PATCH 056/277] implement mcats request. removed 'the' Signed-off-by: Jacob Salmela --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b5e24378..ceeadb30 100644 --- a/README.md +++ b/README.md @@ -151,7 +151,7 @@ There are several ways to [access the dashboard](https://discourse.pi-hole.net/t 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## Faster-than-light Engine -The FTLDNS[™](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*! +FTLDNS[™](https://pi-hole.net/trademark-rules-and-brand-guidelines/) is a lightweight, purpose-built daemon used to provide statistics needed for the Web Interface, and its API can be easily integrated into your own projects. As the name implies, FTLDNS does this all *very quickly*! Some of the statistics you can integrate include: * Total number of domains being blocked From 8e82bf69d8b60dd784fe9f72fba3c1f4d6d149bd Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Wed, 11 Apr 2018 20:40:35 -0500 Subject: [PATCH 057/277] update wallet addresses Signed-off-by: Jacob Salmela --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index ceeadb30..5119fd8c 100644 --- a/README.md +++ b/README.md @@ -61,9 +61,10 @@ Make no mistake: **your support is absolutely vital to help keep us innovating!* Sending a donation using our links below is **extremely helpful** in offsetting a portion of our monthly expenses: - PP Donate via PayPal
-- BTC [Bitcoin](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): 1GKnevUnVaQM2pQieMyeHkpr8DXfkpfAtL
-- BTC [Bitcoin Cash](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): qqh25hlmqaj99xraw00e47xmf8sysnyxhyww2d7dnh
-- BTC [Ethereum](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): 0xF00aF43d2431BAD585056492b310e48eC40D87e8 +- BTC [Bitcoin](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): +3MDPzjXu2hjw5sGLJvKUi1uXbvQPzVrbpF
+- BTC [Bitcoin Cash](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): qzqsz4aju2eecc6uhs7tus4vlwhhela24sdruf4qp5
+- BTC [Ethereum](https://commerce.coinbase.com/checkout/fb7facaf-bebd-46be-bb77-b358f4546763): 0x79d4e90A4a0C732819526c93e21A3F1356A2FAe1 ### Alternative support If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us: From 3b229489c2f4aca05637eef674d5e8c116dbf373 Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Fri, 13 Apr 2018 09:19:31 +0200 Subject: [PATCH 058/277] Fix regex to find DBFILE= from configuration file The regex ^\s^.DBFILE\s*=\s* does not work to match "DBFILE=" I don't know what the second '^' is used for. With the change I now have the results: DBFILE=/foo/bar -> /foo/bar DBFILE=/foo/bar -> /foo/bar # DBFILE=/foo/bar -> /etc/pihole/pihole-FTL.db xDBFILE=/foo/bar -> /etc/pihole/pihole-FTL.db Signed-off-by: Ludovic Rousseau --- advanced/Scripts/piholeLogFlush.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 5fd9832e..ffc9e0f5 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -16,7 +16,7 @@ source ${colfile} # Constructed to return nothing when # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") -DBFILE="$(sed -n -e 's/^\s^.DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf)" +DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf)" # Test for empty string. Use standard path in this case. if [ -z "$DBFILE" ]; then DBFILE="/etc/pihole/pihole-FTL.db" From d8f85a898130453e4f4ee9f0924d33c3c450dfbc Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Fri, 13 Apr 2018 11:08:02 +0200 Subject: [PATCH 059/277] Avoid a "No such file or directory" error Check the file /etc/pihole/pihole-FTL.conf exists before trying to use it. without the patch I get, each day, in my logs: sed: can't read /etc/pihole/pihole-FTL.conf: No such file or directory I use a variable FTLconf to not repeat the file name twice. Signed-off-by: Ludovic Rousseau --- advanced/Scripts/piholeLogFlush.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index ffc9e0f5..9777b613 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -16,7 +16,8 @@ source ${colfile} # Constructed to return nothing when # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") -DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf)" +FTLconf="/etc/pihole/pihole-FTL.conf" +[ -e "$FTLconf" ] && DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' $FTLconf)" # Test for empty string. Use standard path in this case. if [ -z "$DBFILE" ]; then DBFILE="/etc/pihole/pihole-FTL.db" From 9b3531f634ba59e0d71b25e2ceda1abbf291acf8 Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Fri, 13 Apr 2018 11:48:34 +0200 Subject: [PATCH 060/277] Fix stylistic issue Expand variable using ${FTLconf} Signed-off-by: Ludovic Rousseau --- advanced/Scripts/piholeLogFlush.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 9777b613..be2ca20d 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -17,7 +17,7 @@ source ${colfile} # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") FTLconf="/etc/pihole/pihole-FTL.conf" -[ -e "$FTLconf" ] && DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' $FTLconf)" +[ -e "$FTLconf" ] && DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})" # Test for empty string. Use standard path in this case. if [ -z "$DBFILE" ]; then DBFILE="/etc/pihole/pihole-FTL.db" From 7edab27e53fbe005c542d996bb40a2a54505f5fb Mon Sep 17 00:00:00 2001 From: Ludovic Rousseau Date: Fri, 13 Apr 2018 12:19:55 +0200 Subject: [PATCH 061/277] Stylistic change to use an explicit if/then/fi Signed-off-by: Ludovic Rousseau --- advanced/Scripts/piholeLogFlush.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index be2ca20d..44af77a6 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -17,7 +17,9 @@ source ${colfile} # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") FTLconf="/etc/pihole/pihole-FTL.conf" -[ -e "$FTLconf" ] && DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})" +if [ -e "$FTLconf" ]; then + DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})" +fi # Test for empty string. Use standard path in this case. if [ -z "$DBFILE" ]; then DBFILE="/etc/pihole/pihole-FTL.db" From 8b5dcc3872de9a77833d2ed680cfac525350574c Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Fri, 13 Apr 2018 16:53:57 +0100 Subject: [PATCH 062/277] Match change made by 7edab27 to prevent merge conflict Signed-off-by: Adam Warner --- advanced/Scripts/piholeLogFlush.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/piholeLogFlush.sh b/advanced/Scripts/piholeLogFlush.sh index 0bc998ac..d9ac5ebd 100755 --- a/advanced/Scripts/piholeLogFlush.sh +++ b/advanced/Scripts/piholeLogFlush.sh @@ -16,12 +16,10 @@ source ${colfile} # Constructed to return nothing when # a) the setting is not present in the config file, or # b) the setting is commented out (e.g. "#DBFILE=...") -DBFILE="$(sed -n -e 's/^\s^.DBFILE\s*=\s*//p' /etc/pihole/pihole-FTL.conf 2> /dev/null)" -# Test for empty string. Use standard path in this case. -if [ -z "$DBFILE" ]; then - DBFILE="/etc/pihole/pihole-FTL.db" +FTLconf="/etc/pihole/pihole-FTL.conf" +if [ -e "$FTLconf" ]; then + DBFILE="$(sed -n -e 's/^\s*DBFILE\s*=\s*//p' ${FTLconf})" fi - if [[ "$@" != *"quiet"* ]]; then echo -ne " ${INFO} Flushing /var/log/pihole.log ..." fi From 3a483a1b203d4f4bc2a913d97c9a33562cc2e7cf Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Sun, 15 Apr 2018 02:08:16 +0100 Subject: [PATCH 063/277] install_web_server + Splits web interface and server into two variables. + Option to disable forced install of Lighttpd. --- advanced/Scripts/piholeCheckout.sh | 2 +- advanced/Scripts/update.sh | 4 +- automated install/basic-install.sh | 119 +++++++++++++++-------------- automated install/uninstall.sh | 9 +-- 4 files changed, 67 insertions(+), 67 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 21919ddf..e7bc244e 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -222,7 +222,7 @@ checkout() { Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}" exit 1; fi - if [[ "${INSTALL_WEB}" == "true" ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then if ! is_repo "${webInterfaceDir}" ; then echo -e " ${COL_LIGHT_RED}Error: Web Admin repo is missing from system! Please re-run install script from https://github.com/pi-hole/pi-hole${COL_NC}" diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index a4ada4c8..c8a2bffb 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -94,7 +94,7 @@ main() { local pihole_version_current local web_version_current local basicError="\\n ${COL_LIGHT_RED}Unable to complete update, please contact Pi-hole Support${COL_NC}" - + # shellcheck disable=1090,2154 source "${setupVars}" @@ -133,7 +133,7 @@ main() { echo "" fi - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then echo -e "\\n ${COL_LIGHT_RED}Error: Web Admin repo is missing from system! Please re-run install script from https://pi-hole.net${COL_NC}" diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f786d703..79fe17bf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -55,7 +55,7 @@ IPV4_ADDRESS="" IPV6_ADDRESS="" # By default, query logging is enabled and the dashboard is set to be installed QUERY_LOGGING=true -INSTALL_WEB=true +INSTALL_WEB_INTERFACE=true # Find the rows and columns will default to 80x24 if it can not be detected @@ -76,6 +76,16 @@ c=$(( c < 70 ? 70 : c )) skipSpaceCheck=false reconfigure=false runUnattended=false +INSTALL_WEB_SERVER=true +# Check arguments for the undocumented flags +for var in "$@"; do + case "$var" in + "--reconfigure" ) reconfigure=true;; + "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; + "--unattended" ) runUnattended=true;; + "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;; + esac +done # If the color table file exists, if [[ -f "${coltable}" ]]; then @@ -948,12 +958,13 @@ setAdminFlag() { "On (Recommended)") echo -e " ${INFO} Web Interface On" # Set it to true - INSTALL_WEB=true + INSTALL_WEB_INTERFACE=true ;; Off) echo -e " ${INFO} Web Interface Off" # or false - INSTALL_WEB=false + INSTALL_WEB_INTERFACE=false + INSTALL_WEB_SERVER=false ;; esac } @@ -1092,7 +1103,7 @@ installConfigs() { version_check_dnsmasq # If the user chose to install the dashboard, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # and if the Web server conf directory does not exist, if [[ ! -d "/etc/lighttpd" ]]; then # make it @@ -1455,7 +1466,7 @@ configureFirewall() { # finalExports() { # If the Web interface is not set to be installed, - if [[ "${INSTALL_WEB}" == false ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == false ]]; then # and if there is not an IPv4 address, if [[ "${IPV4_ADDRESS}" ]]; then # there is no block page, so set IPv4 to 0.0.0.0 (all IP addresses) @@ -1470,7 +1481,7 @@ finalExports() { # If the setup variable file exists, if [[ -e "${setupVars}" ]]; then # update the variables in the file - sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" + sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" fi # echo the information to the user { @@ -1480,7 +1491,8 @@ finalExports() { echo "PIHOLE_DNS_1=${PIHOLE_DNS_1}" echo "PIHOLE_DNS_2=${PIHOLE_DNS_2}" echo "QUERY_LOGGING=${QUERY_LOGGING}" - echo "INSTALL_WEB=${INSTALL_WEB}" + echo "INSTALL_WEB_SERVER=${INSTALL_WEB_SERVER}" + echo "INSTALL_WEB_INTERFACE=${INSTALL_WEB_INTERFACE}" echo "LIGHTTPD_ENABLED=${LIGHTTPD_ENABLED}" }>> "${setupVars}" @@ -1524,25 +1536,28 @@ installPihole() { create_pihole_user # If the user wants to install the Web interface, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then if [[ ! -d "/var/www/html" ]]; then # make the Web directory if necessary mkdir -p /var/www/html fi - # Set the owner and permissions - chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/www/html - chmod 775 /var/www/html - # Give pihole access to the Web server group - usermod -a -G ${LIGHTTPD_GROUP} pihole - # If the lighttpd command is executable, - if [[ -x "$(command -v lighty-enable-mod)" ]]; then - # enable fastcgi and fastcgi-php - lighty-enable-mod fastcgi fastcgi-php > /dev/null || true - else - # Othweise, show info about installing them - echo -e " ${INFO} Warning: 'lighty-enable-mod' utility not found - Please ensure fastcgi is enabled if you experience issues\\n" - fi + + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then + # Set the owner and permissions + chown ${LIGHTTPD_USER}:${LIGHTTPD_GROUP} /var/www/html + chmod 775 /var/www/html + # Give pihole access to the Web server group + usermod -a -G ${LIGHTTPD_GROUP} pihole + # If the lighttpd command is executable, + if [[ -x "$(command -v lighty-enable-mod)" ]]; then + # enable fastcgi and fastcgi-php + lighty-enable-mod fastcgi fastcgi-php > /dev/null || true + else + # Othweise, show info about installing them + echo -e " ${INFO} Warning: 'lighty-enable-mod' utility not found + Please ensure fastcgi is enabled if you experience issues\\n" + fi + fi fi # Install scripts, installScripts @@ -1551,7 +1566,7 @@ installPihole() { # and create the log file CreateLogFile # If the user wants to install the dashboard, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # do so installPiholeWeb fi @@ -1589,7 +1604,7 @@ updatePihole() { # Create the log file CreateLogFile # If the user wants to install the dasboard, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # do so installPiholeWeb fi @@ -1639,7 +1654,7 @@ displayFinalMessage() { pwstring="NOT SET" fi # If the user wants to install the dashboard, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # Store a message in a variable and display it additional="View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin @@ -1707,7 +1722,7 @@ clone_or_update_repos() { exit 1; \ } # If the Web interface was installed, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # reset it's repo resetRepo ${webInterfaceDir} || \ { echo -e " ${COL_LIGHT_RED}Unable to reset ${webInterfaceDir}, exiting installer${COL_NC}"; \ @@ -1722,7 +1737,7 @@ clone_or_update_repos() { exit 1; \ } # If the Web interface was installed, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # get the Web git files getGitFiles ${webInterfaceDir} ${webInterfaceGitUrl} || \ { echo -e " ${COL_LIGHT_RED}Unable to clone ${webInterfaceGitUrl} into ${webInterfaceDir}, exiting installer${COL_NC}"; \ @@ -1950,15 +1965,6 @@ main() { # Check for supported distribution distro_check - # Check arguments for the undocumented flags - for var in "$@"; do - case "$var" in - "--reconfigure" ) reconfigure=true;; - "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; - "--unattended" ) runUnattended=true;; - esac - done - # If the setup variable file exists, if [[ -f "${setupVars}" ]]; then # if it's running unattended, @@ -2000,7 +2006,7 @@ main() { mkdir -p /etc/pihole/ stop_service dnsmasq - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then stop_service lighttpd fi # Determine available interfaces @@ -2018,21 +2024,19 @@ main() { # Clone/Update the repos clone_or_update_repos - # Install packages used by the Pi-hole - if [[ "${INSTALL_WEB}" == true ]]; then + # Install the Core dependencies + local dep_install_list=("${PIHOLE_DEPS[@]}") + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # Install the Web dependencies - DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}") - # Otherwise, - else - # just install the Core dependencies - DEPS=("${PIHOLE_DEPS[@]}") + dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") fi - install_dependent_packages DEPS[@] + install_dependent_packages dep_install_list[@] + unset dep_install_list # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then enable_service lighttpd fi @@ -2053,16 +2057,15 @@ main() { # Clone/Update the repos clone_or_update_repos - # Install packages used by the Pi-hole - if [[ "${INSTALL_WEB}" == true ]]; then + # Install the Core dependencies + local dep_install_list=("${PIHOLE_DEPS[@]}") + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # Install the Web dependencies - DEPS=("${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}") - # Otherwise, - else - # just install the Core dependencies - DEPS=("${PIHOLE_DEPS[@]}") + dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") fi - install_dependent_packages DEPS[@] + + install_dependent_packages dep_install_list[@] + unset dep_install_list if [[ -x "$(command -v systemctl)" ]]; then # Value will either be 1, if true, or 0 @@ -2077,7 +2080,7 @@ main() { # Copy the temp log file into final log location for storage copy_to_install_log - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # Add password to web UI if there is none pw="" # If no password is set, @@ -2096,7 +2099,7 @@ main() { enable_service dnsmasq # If the Web server was installed, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then if [[ "${LIGHTTPD_ENABLED}" == "1" ]]; then start_service lighttpd @@ -2123,7 +2126,7 @@ main() { fi # If the Web interface was installed, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then # If there is a password, if (( ${#pw} > 0 )) ; then # display the password @@ -2135,7 +2138,7 @@ main() { # if [[ "${useUpdateVars}" == false ]]; then # If the Web interface was installed, - if [[ "${INSTALL_WEB}" == true ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then echo -e " View the web interface at http://pi.hole/admin or http://${IPV4_ADDRESS%/*}/admin" echo "" fi diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4f4f9f..2f4c58a1 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -46,13 +46,10 @@ source "${setupVars}" distro_check # Install packages used by the Pi-hole -if [[ "${INSTALL_WEB}" == true ]]; then +DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}") +if [[ "${INSTALL_WEB_SERVER}" == true ]]; then # Install the Web dependencies - DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}" "${PIHOLE_WEB_DEPS[@]}") -# Otherwise, -else - # just install the Core dependencies - DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}") + DEPS+=("${PIHOLE_WEB_DEPS[@]}") fi # Compatability From bca23dd896e743575e3b9925e3c63f320e421f09 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 18:25:35 +0100 Subject: [PATCH 064/277] Allow passing of --check-only to update script. Don't run installer for updating web files, it's handled by getGitFiles. I think this works... Signed-off-by: Adam Warner --- advanced/Scripts/update.sh | 14 +++++++++++++- pihole | 4 ++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 9dbdb680..f0deab2b 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -19,6 +19,9 @@ readonly PI_HOLE_FILES_DIR="/etc/.pihole" # shellcheck disable=SC2034 PH_TEST=true +# when --check-only is passed to this script, it will not perform the actual update +CHECK_ONLY=false + # shellcheck disable=SC1090 source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" # shellcheck disable=SC1091 @@ -140,6 +143,11 @@ main() { exit 0 fi + if [[ "${CHECK_ONLY}" == true ]]; then + echo "" + exit 0 + fi + if [[ "${core_update}" == true ]]; then echo "" echo -e " ${INFO} Pi-hole core files out of date, updating local repo." @@ -159,7 +167,7 @@ main() { echo -e " ${INFO} FTL out of date, it will be updated by the installer." fi - if [[ "${FTL_update}" == true || "${core_update}" == true || "${web_update}" == true ]]; then + if [[ "${FTL_update}" == true || "${core_update}" == true ]]; then ${PI_HOLE_FILES_DIR}/automated\ install/basic-install.sh --reconfigure --unattended || \ echo -e "${basicError}" && exit 1 fi @@ -167,4 +175,8 @@ main() { exit 0 } +if [[ "$1" == "--check-only" ]]; then + CHECK_ONLY=true +fi + main diff --git a/pihole b/pihole index 4c824242..8ae85f00 100755 --- a/pihole +++ b/pihole @@ -71,7 +71,7 @@ flushFunc() { } updatePiholeFunc() { - "${PI_HOLE_SCRIPT_DIR}"/update.sh + "${PI_HOLE_SCRIPT_DIR}"/update.sh "$@" exit 0 } @@ -644,7 +644,7 @@ case "${1}" in "-wild" | "wildcard" ) wildcardFunc "$@";; "-d" | "debug" ) debugFunc "$@";; "-f" | "flush" ) flushFunc "$@";; - "-up" | "updatePihole" ) updatePiholeFunc;; + "-up" | "updatePihole" ) updatePiholeFunc "$@";; "-r" | "reconfigure" ) reconfigurePiholeFunc;; "-g" | "updateGravity" ) updateGravityFunc "$@";; "-c" | "chronometer" ) chronometerFunc "$@";; From 33148ba8328a1646f4ed1b36a5a736a66a24b94d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 18:30:13 +0100 Subject: [PATCH 065/277] Add help text to pihole command to document new flag Signed-off-by: Adam Warner --- pihole | 1 + 1 file changed, 1 insertion(+) diff --git a/pihole b/pihole index 8ae85f00..3a15df7b 100755 --- a/pihole +++ b/pihole @@ -620,6 +620,7 @@ Options: -q, query Query the adlists for a specified domain Add '-h' for more info on query usage -up, updatePihole Update Pi-hole subsystems + Add '--check-only' to exit script before update is performed. -v, version Show installed versions of Pi-hole, Admin Console & FTL Add '-h' for more info on version usage uninstall Uninstall Pi-hole from your system From e49a9096a52124fbb61e1195f5d949156ad5e03d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 18:37:32 +0100 Subject: [PATCH 066/277] accidentally a 'shift' Signed-off-by: Adam Warner --- pihole | 1 + 1 file changed, 1 insertion(+) diff --git a/pihole b/pihole index 3a15df7b..cb75861b 100755 --- a/pihole +++ b/pihole @@ -71,6 +71,7 @@ flushFunc() { } updatePiholeFunc() { + shift "${PI_HOLE_SCRIPT_DIR}"/update.sh "$@" exit 0 } From 776ae924169ac53aa883d92429b84b867ece3dc1 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 21:33:10 +0100 Subject: [PATCH 067/277] fix some shellcheck/stickler compaints in debug script Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 169 +++++++++++++++++--------------- 1 file changed, 88 insertions(+), 81 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 94ff3fb3..34b01a72 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -8,6 +8,7 @@ # This file is copyright under the latest version of the EUPL. # Please see LICENSE file for your rights under this license. +# shellcheck source=/dev/null # -e option instructs bash to immediately exit if any command [1] has a non-zero exit status # -u a reference to any variable you haven't previously defined @@ -37,7 +38,7 @@ else TICK="[${COL_GREEN}✓${COL_NC}]" CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - OVER="\r\033[K" + OVER="\\r\\033[K" fi OBFUSCATED_PLACEHOLDER="" @@ -92,7 +93,7 @@ PIHOLE_USER_DEFINED_AD_LISTS="${PIHOLE_DIRECTORY}/adlists.list" PIHOLE_BLACKLIST_FILE="${PIHOLE_DIRECTORY}/blacklist.txt" PIHOLE_BLOCKLIST_FILE="${PIHOLE_DIRECTORY}/gravity.list" PIHOLE_INSTALL_LOG_FILE="${PIHOLE_DIRECTORY}/install.log" -PIHOLE_RAW_BLOCKLIST_FILES=${PIHOLE_DIRECTORY}/list.* +PIHOLE_RAW_BLOCKLIST_FILES="${PIHOLE_DIRECTORY}/list.*" PIHOLE_LOCAL_HOSTS_FILE="${PIHOLE_DIRECTORY}/local.list" PIHOLE_LOGROTATE_FILE="${PIHOLE_DIRECTORY}/logrotate" PIHOLE_SETUP_VARS_FILE="${PIHOLE_DIRECTORY}/setupVars.conf" @@ -105,7 +106,7 @@ FTL_PID="${RUN_DIRECTORY}/pihole-FTL.pid" FTL_PORT="${RUN_DIRECTORY}/pihole-FTL.port" PIHOLE_LOG="${LOG_DIRECTORY}/pihole.log" -PIHOLE_LOG_GZIPS=${LOG_DIRECTORY}/pihole.log.[0-9].* +PIHOLE_LOG_GZIPS="${LOG_DIRECTORY}/pihole.log.[0-9].*" PIHOLE_DEBUG_LOG="${LOG_DIRECTORY}/pihole_debug.log" PIHOLE_DEBUG_LOG_SANITIZED="${LOG_DIRECTORY}/pihole_debug-sanitized.log" PIHOLE_FTL_LOG="${LOG_DIRECTORY}/pihole-FTL.log" @@ -121,47 +122,46 @@ SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS") PIHOLE_PROCESSES=( "dnsmasq" "lighttpd" "pihole-FTL" ) # Store the required directories in an array so it can be parsed through -REQUIRED_DIRECTORIES=(${CORE_GIT_DIRECTORY} -${CRON_D_DIRECTORY} -${DNSMASQ_D_DIRECTORY} -${PIHOLE_DIRECTORY} -${PIHOLE_SCRIPTS_DIRECTORY} -${BIN_DIRECTORY} -${RUN_DIRECTORY} -${LOG_DIRECTORY} -${WEB_SERVER_LOG_DIRECTORY} -${WEB_SERVER_CONFIG_DIRECTORY} -${HTML_DIRECTORY} -${WEB_GIT_DIRECTORY} -${BLOCK_PAGE_DIRECTORY}) +REQUIRED_DIRECTORIES=("${CORE_GIT_DIRECTORY}" +"${CRON_D_DIRECTORY}" +"${DNSMASQ_D_DIRECTORY}" +"${PIHOLE_DIRECTORY}" +"${PIHOLE_SCRIPTS_DIRECTORY}" +"${BIN_DIRECTORY}" +"${RUN_DIRECTORY}" +"${LOG_DIRECTORY}" +"${WEB_SERVER_LOG_DIRECTORY}" +"${WEB_SERVER_CONFIG_DIRECTORY}" +"${HTML_DIRECTORY}" +"${WEB_GIT_DIRECTORY}" +"${BLOCK_PAGE_DIRECTORY}") # Store the required directories in an array so it can be parsed through -mapfile -t array <<< "$var" -REQUIRED_FILES=(${PIHOLE_CRON_FILE} -${PIHOLE_DNS_CONFIG_FILE} -${PIHOLE_DHCP_CONFIG_FILE} -${PIHOLE_WILDCARD_CONFIG_FILE} -${WEB_SERVER_CONFIG_FILE} -${PIHOLE_DEFAULT_AD_LISTS} -${PIHOLE_USER_DEFINED_AD_LISTS} -${PIHOLE_BLACKLIST_FILE} -${PIHOLE_BLOCKLIST_FILE} -${PIHOLE_INSTALL_LOG_FILE} -${PIHOLE_RAW_BLOCKLIST_FILES} -${PIHOLE_LOCAL_HOSTS_FILE} -${PIHOLE_LOGROTATE_FILE} -${PIHOLE_SETUP_VARS_FILE} -${PIHOLE_WHITELIST_FILE} -${PIHOLE_COMMAND} -${PIHOLE_COLTABLE_FILE} -${FTL_PID} -${FTL_PORT} -${PIHOLE_LOG} -${PIHOLE_LOG_GZIPS} -${PIHOLE_DEBUG_LOG} -${PIHOLE_FTL_LOG} -${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE} -${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}) +REQUIRED_FILES=("${PIHOLE_CRON_FILE}" +"${PIHOLE_DNS_CONFIG_FILE}" +"${PIHOLE_DHCP_CONFIG_FILE}" +"${PIHOLE_WILDCARD_CONFIG_FILE}" +"${WEB_SERVER_CONFIG_FILE}" +"${PIHOLE_DEFAULT_AD_LISTS}" +"${PIHOLE_USER_DEFINED_AD_LISTS}" +"${PIHOLE_BLACKLIST_FILE}" +"${PIHOLE_BLOCKLIST_FILE}" +"${PIHOLE_INSTALL_LOG_FILE}" +"${PIHOLE_RAW_BLOCKLIST_FILES}" +"${PIHOLE_LOCAL_HOSTS_FILE}" +"${PIHOLE_LOGROTATE_FILE}" +"${PIHOLE_SETUP_VARS_FILE}" +"${PIHOLE_WHITELIST_FILE}" +"${PIHOLE_COMMAND}" +"${PIHOLE_COLTABLE_FILE}" +"${FTL_PID}" +"${FTL_PORT}" +"${PIHOLE_LOG}" +"${PIHOLE_LOG_GZIPS}" +"${PIHOLE_DEBUG_LOG}" +"${PIHOLE_FTL_LOG}" +"${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}" +"${PIHOLE_WEB_SERVER_ERROR_LOG_FILE}") DISCLAIMER="This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net. @@ -176,7 +176,7 @@ show_disclaimer(){ source_setup_variables() { # Display the current test that is running - log_write "\n${COL_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" + log_write "\\n${COL_PURPLE}*** [ INITIALIZING ]${COL_NC} Sourcing setup variables" # If the variable file exists, if ls "${PIHOLE_SETUP_VARS_FILE}" 1> /dev/null 2>&1; then log_write "${INFO} Sourcing ${PIHOLE_SETUP_VARS_FILE}..."; @@ -231,7 +231,7 @@ initialize_debug() { echo_current_diagnostic() { # Colors are used for visually distinguishing each test in the output # These colors do not show in the GUI, but the formatting will - log_write "\n${COL_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" + log_write "\\n${COL_PURPLE}*** [ DIAGNOSING ]:${COL_NC} ${1}" } compare_local_version_to_git_version() { @@ -365,7 +365,7 @@ check_critical_program_versions() { is_os_supported() { local os_to_check="${1}" # Strip just the base name of the system using sed - the_os=$(echo ${os_to_check} | sed 's/ .*//') + the_os=$(echo "${os_to_check}" | sed 's/ .*//') # If the variable is one of our supported OSes, case "${the_os}" in # Print it in green @@ -391,7 +391,8 @@ get_distro_attributes() { # For each line found in an /etc/*release file, for distro_attribute in "${distro_info[@]}"; do # store the key in a variable - local pretty_name_key=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f1) + local pretty_name_key + pretty_name_key=$(echo "${distro_attribute}" | grep "PRETTY_NAME" | cut -d '=' -f1) # we need just the OS PRETTY_NAME, if [[ "${pretty_name_key}" == "PRETTY_NAME" ]]; then # so save in in a variable when we find it @@ -499,7 +500,8 @@ does_ip_match_setup_vars() { # IP address to check for local ip_address="${2}" # See what IP is in the setupVars.conf file - local setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV${protocol}_ADDRESS | cut -d '=' -f2) + local setup_vars_ip + setup_vars_ip=$(< ${PIHOLE_SETUP_VARS_FILE} grep IPV"${protocol}"_ADDRESS | cut -d '=' -f2) # If it's an IPv6 address if [[ "${protocol}" == "6" ]]; then # Strip off the / (CIDR notation) @@ -530,10 +532,10 @@ detect_ip_addresses() { # Use ip to show the addresses for the chosen protocol # Store the values in an arry so they can be looped through # Get the lines that are in the file(s) and store them in an array for parsing later - declare -a ip_addr_list=( $(ip -${protocol} addr show dev ${PIHOLE_INTERFACE} | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }') ) + mapfile -t ip_addr_list < <(ip -"${protocol}" addr show dev "${PIHOLE_INTERFACE}" | awk -F ' ' '{ for(i=1;i<=NF;i++) if ($i ~ '/^inet/') print $(i+1) }') # If there is something in the IP address list, - if [[ -n ${ip_addr_list} ]]; then + if [[ -n ${ip_addr_list[*]} ]]; then # Local iterator local i # Display the protocol and interface @@ -547,15 +549,15 @@ detect_ip_addresses() { log_write "" else # If there are no IPs detected, explain that the protocol is not configured - log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\n" + log_write "${CROSS} ${COL_RED}No IPv${protocol} address(es) found on the ${PIHOLE_INTERFACE}${COL_NC} interface.\\n" return 1 fi # If the protocol is v6 if [[ "${protocol}" == "6" ]]; then # let the user know that as long as there is one green address, things should be ok log_write " ^ Please note that you may have more than one IP address listed." - log_write " As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\n" - log_write " The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\n" + log_write " As long as one of them is green, and it matches what is in ${PIHOLE_SETUP_VARS_FILE}, there is no need for concern.\\n" + log_write " The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.\\n" fi } @@ -582,7 +584,7 @@ ping_gateway() { # Check if we are using IPv4 or IPv6 # Find the default gateway using IPv4 or IPv6 local gateway - gateway="$(ip -${protocol} route | grep default | cut -d ' ' -f 3)" + gateway="$(ip -"${protocol}" route | grep default | cut -d ' ' -f 3)" # If the gateway variable has a value (meaning a gateway was found), if [[ -n "${gateway}" ]]; then @@ -592,9 +594,9 @@ ping_gateway() { # Try to quietly ping the gateway 3 times, with a timeout of 3 seconds, using numeric output only, # on the pihole interface, and tail the last three lines of the output # If pinging the gateway is not successful, - if ! ${cmd} -c 1 -W 2 -n ${gateway} -I ${PIHOLE_INTERFACE} >/dev/null; then + if ! ${cmd} -c 1 -W 2 -n "${gateway}" -I "${PIHOLE_INTERFACE}" >/dev/null; then # let the user know - log_write "${CROSS} ${COL_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\n" + log_write "${CROSS} ${COL_RED}Gateway did not respond.${COL_NC} ($FAQ_GATEWAY)\\n" # and return an error code return 1 # Otherwise, @@ -613,13 +615,13 @@ ping_internet() { ping_ipv4_or_ipv6 "${protocol}" log_write "* Checking Internet connectivity via IPv${protocol}..." # Try to ping the address 3 times - if ! ${cmd} -c 1 -W 2 -n ${public_address} -I ${PIHOLE_INTERFACE} >/dev/null; then + if ! ${cmd} -c 1 -W 2 -n ${public_address} -I "${PIHOLE_INTERFACE}" >/dev/null; then # if it's unsuccessful, show an error - log_write "${CROSS} ${COL_RED}Cannot reach the Internet.${COL_NC}\n" + log_write "${CROSS} ${COL_RED}Cannot reach the Internet.${COL_NC}\\n" return 1 else # Otherwise, show success - log_write "${TICK} ${COL_GREEN}Query responded.${COL_NC}\n" + log_write "${TICK} ${COL_GREEN}Query responded.${COL_NC}\\n" return 0 fi } @@ -766,7 +768,8 @@ dig_at() { # Find a random blocked url that has not been whitelisted. # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains - local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}" | awk -F ' ' '{ print $2 }') + local random_url + random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}" | awk -F ' ' '{ print $2 }') # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then @@ -783,7 +786,7 @@ dig_at() { # The default timeouts and tries are reduced in case the DNS server isn't working, so the user isn't waiting for too long # If Pi-hole can dig itself from it's IP (not the loopback address) - if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${pihole_address} +short "${record_type}"); then + if pihole_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @"${pihole_address}" +short "${record_type}"); then # show a success log_write "${TICK} ${random_url} ${COL_GREEN}is ${pihole_dig}${COL_NC} via ${COL_CYAN}Pi-hole${COL_NC} (${pihole_address})" else @@ -812,10 +815,12 @@ process_status(){ # If systemd if command -v systemctl &> /dev/null; then # get its status via systemctl - local status_of_process=$(systemctl is-active "${i}") + local status_of_process + status_of_process=$(systemctl is-active "${i}") else # Otherwise, use the service command - local status_of_process=$(service "${i}" status | awk '/Active:/ {print $2}') &> /dev/null + local status_of_process + status_of_process=$(service "${i}" status | awk '/Active:/ {print $2}') &> /dev/null fi # and print it out to the user if [[ "${status_of_process}" == "active" ]]; then @@ -931,7 +936,7 @@ list_files_in_dir() { # Set the first argument passed to tihs function as a named variable for better readability local dir_to_parse="${1}" # Store the files found in an array - local files_found=( $(ls "${dir_to_parse}") ) + mapfile -t files_found < <(ls "${dir_to_parse}") # For each file in the array, for each_file in "${files_found[@]}"; do if [[ -d "${dir_to_parse}/${each_file}" ]]; then @@ -939,19 +944,19 @@ list_files_in_dir() { : elif [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_BLOCKLIST_FILE}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_DEBUG_LOG}" ]] || \ - [[ ${dir_to_parse}/${each_file} == ${PIHOLE_RAW_BLOCKLIST_FILES} ]] || \ + [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_RAW_BLOCKLIST_FILES}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_INSTALL_LOG_FILE}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_SETUP_VARS_FILE}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_LOG}" ]] || \ [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_WEB_SERVER_ACCESS_LOG_FILE}" ]] || \ - [[ ${dir_to_parse}/${each_file} == ${PIHOLE_LOG_GZIPS} ]]; then + [[ "${dir_to_parse}/${each_file}" == "${PIHOLE_LOG_GZIPS}" ]]; then : else # Then, parse the file's content into an array so each line can be analyzed if need be for i in "${!REQUIRED_FILES[@]}"; do - if [[ "${dir_to_parse}/${each_file}" == ${REQUIRED_FILES[$i]} ]]; then + if [[ "${dir_to_parse}/${each_file}" == "${REQUIRED_FILES[$i]}" ]]; then # display the filename - log_write "\n${COL_GREEN}$(ls -ld ${dir_to_parse}/${each_file})${COL_NC}" + log_write "\\n${COL_GREEN}$(ls -ld "${dir_to_parse}"/"${each_file}")${COL_NC}" # Check if the file we want to view has a limit (because sometimes we just need a little bit of info from the file, not the entire thing) case "${dir_to_parse}/${each_file}" in # If it's Web server error log, just give the first 25 lines @@ -1003,15 +1008,15 @@ head_tail_log() { # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' local log_head=() - log_head=( $(head -n ${qty} ${filename}) ) - log_write " ${COL_CYAN}-----head of $(basename ${filename})------${COL_NC}" + mapfile -t log_head < <(head -n "${qty}" "${filename}") + log_write " ${COL_CYAN}-----head of $(basename "${filename}")------${COL_NC}" for head_line in "${log_head[@]}"; do log_write " ${head_line}" done log_write "" local log_tail=() - log_tail=( $(tail -n ${qty} ${filename}) ) - log_write " ${COL_CYAN}-----tail of $(basename ${filename})------${COL_NC}" + mapfile -t log_tail < <(tail -n "${qty}" "${filename}") + log_write " ${COL_CYAN}-----tail of $(basename "${filename}")------${COL_NC}" for tail_line in "${log_tail[@]}"; do log_write " ${tail_line}" done @@ -1027,17 +1032,18 @@ analyze_gravity_list() { OLD_IFS="$IFS" # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' - local gravity_permissions=$(ls -ld "${PIHOLE_BLOCKLIST_FILE}") + local gravity_permissions + gravity_permissions=$(ls -ld "${PIHOLE_BLOCKLIST_FILE}") log_write "${COL_GREEN}${gravity_permissions}${COL_NC}" local gravity_head=() - gravity_head=( $(head -n 4 ${PIHOLE_BLOCKLIST_FILE}) ) + mapfile -t gravity_head < <(head -n 4 ${PIHOLE_BLOCKLIST_FILE}) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_BLOCKLIST_FILE})------${COL_NC}" for head_line in "${gravity_head[@]}"; do log_write " ${head_line}" done log_write "" local gravity_tail=() - gravity_tail=( $(tail -n 4 ${PIHOLE_BLOCKLIST_FILE}) ) + mapfile -t gravity_tail < <(tail -n 4 ${PIHOLE_BLOCKLIST_FILE}) log_write " ${COL_CYAN}-----tail of $(basename ${PIHOLE_BLOCKLIST_FILE})------${COL_NC}" for tail_line in "${gravity_tail[@]}"; do log_write " ${tail_line}" @@ -1053,10 +1059,11 @@ analyze_pihole_log() { OLD_IFS="$IFS" # Get the lines that are in the file(s) and store them in an array for parsing later IFS=$'\r\n' - local pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}") + local pihole_log_permissions + pihole_log_permissions=$(ls -ld "${PIHOLE_LOG}") log_write "${COL_GREEN}${pihole_log_permissions}${COL_NC}" local pihole_log_head=() - pihole_log_head=( $(head -n 20 ${PIHOLE_LOG}) ) + mapfile -t pihole_log_head < <(head -n 20 ${PIHOLE_LOG}) log_write " ${COL_CYAN}-----head of $(basename ${PIHOLE_LOG})------${COL_NC}" local error_to_check_for local line_to_obfuscate @@ -1066,10 +1073,10 @@ analyze_pihole_log() { # that the DNS server is attempting to read. Since it's not formatted # correctly, there will be an entry for "bad address at line n" # So we can check for that here and highlight it in red so the user can see it easily - error_to_check_for=$(echo ${head_line} | grep 'bad address at') + error_to_check_for=$(echo "${head_line}" | grep 'bad address at') # Some users may not want to have the domains they visit sent to us # To that end, we check for lines in the log that would contain a domain name - line_to_obfuscate=$(echo ${head_line} | grep ': query\|: forwarded\|: reply') + line_to_obfuscate=$(echo "${head_line}" | grep ': query\|: forwarded\|: reply') # If the variable contains a value, it found an error in the log if [[ -n ${error_to_check_for} ]]; then # So we can print it in red to make it visible to the user @@ -1084,7 +1091,7 @@ analyze_pihole_log() { if [[ -n ${line_to_obfuscate} ]]; then # If there are, we need to use awk to replace only the domain name (the 6th field in the log) # so we substitue the domain for the placeholder value - obfuscated_line=$(echo ${line_to_obfuscate} | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}') + obfuscated_line=$(echo "${line_to_obfuscate}" | awk -v placeholder="${OBFUSCATED_PLACEHOLDER}" '{sub($6,placeholder); print $0}') log_write " ${obfuscated_line}" else log_write " ${head_line}" @@ -1125,7 +1132,7 @@ upload_to_tricorder() { log_write "" log_write "${COL_PURPLE}********************************************${COL_NC}" log_write "${COL_PURPLE}********************************************${COL_NC}" - log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\n" + log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\\n" # Provide information on what they should do with their token log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." @@ -1172,7 +1179,7 @@ upload_to_tricorder() { log_write " * Please try again or contact the Pi-hole team for assistance." fi # Finally, show where the log file is no matter the outcome of the function so users can look at it - log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG_SANITIZED}${COL_NC}\n" + log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG_SANITIZED}${COL_NC}\\n" } # Run through all the functions we made From b57b3f4588d9b84986ec32accd30b3e9a7b24b75 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 21:36:50 +0100 Subject: [PATCH 068/277] Disable SC2001 for generation of `the_os` Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 34b01a72..df46106d 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -365,6 +365,7 @@ check_critical_program_versions() { is_os_supported() { local os_to_check="${1}" # Strip just the base name of the system using sed + # shellcheck disable=SC2001 the_os=$(echo "${os_to_check}" | sed 's/ .*//') # If the variable is one of our supported OSes, case "${the_os}" in From e6fc9dc75d0febc556119e0ae0418d4bcd2f9ffc Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 21:52:09 +0100 Subject: [PATCH 069/277] disable 2016 in two places and declare local variables Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index df46106d..df3e1862 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -245,6 +245,7 @@ compare_local_version_to_git_version() { local search_term="Pi-hole" elif [[ "${pihole_component}" == "Web" ]]; then # We need to search for "AdminLTE" so store it in a variable as well + #shellcheck disable=2034 local search_term="AdminLTE" fi # Display what we are checking @@ -385,6 +386,8 @@ get_distro_attributes() { OLD_IFS="$IFS" # Store the distro info in an array and make it global since the OS won't change, # but we'll keep it within the function for better unit testing + local distro_info + #shellcheck disable=SC2016 IFS=$'\r\n' command eval 'distro_info=( $(cat /etc/*release) )' # Set a named variable for better readability @@ -754,14 +757,14 @@ dig_at() { if [[ ${protocol} == "6" ]]; then # Set the IPv6 variables and record type local local_address="::1" - local pihole_address="${IPV6_ADDRESS%/*}" + local pihole_address="${IP}" local remote_address="2001:4860:4860::8888" local record_type="AAAA" # Othwerwise, it should be 4 else # so use the IPv4 values local local_address="127.0.0.1" - local pihole_address="${IPV4_ADDRESS%/*}" + local pihole_address="${IP}" local remote_address="8.8.8.8" local record_type="A" fi @@ -885,6 +888,8 @@ parse_file() { # Put the current Internal Field Separator into another variable so it can be restored later OLD_IFS="$IFS" # Get the lines that are in the file(s) and store them in an array for parsing later + local file_info + #shellcheck disable=SC2016 IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )' # Set a named variable for better readability From 6977f655e3a5bdb84f575f3899d203b45145315d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 22:08:55 +0100 Subject: [PATCH 070/277] fix a typo comment out some unused variables, but not deleting them in case there is a plan for them in future... Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 36 ++++++++++++++++----------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index df3e1862..abdc0dd8 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -38,7 +38,7 @@ else TICK="[${COL_GREEN}✓${COL_NC}]" CROSS="[${COL_RED}✗${COL_NC}]" INFO="[i]" - OVER="\\r\\033[K" + #OVER="\\r\\033[K" fi OBFUSCATED_PLACEHOLDER="" @@ -75,7 +75,7 @@ WEB_SERVER_LOG_DIRECTORY="${LOG_DIRECTORY}/lighttpd" WEB_SERVER_CONFIG_DIRECTORY="/etc/lighttpd" HTML_DIRECTORY="/var/www/html" WEB_GIT_DIRECTORY="${HTML_DIRECTORY}/admin" -BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole" +#BLOCK_PAGE_DIRECTORY="${HTML_DIRECTORY}/pihole" # Files required by Pi-hole # https://discourse.pi-hole.net/t/what-files-does-pi-hole-use/1684 @@ -86,7 +86,7 @@ PIHOLE_DHCP_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/02-pihole-dhcp.conf" PIHOLE_WILDCARD_CONFIG_FILE="${DNSMASQ_D_DIRECTORY}/03-wildcard.conf" WEB_SERVER_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/lighttpd.conf" -WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf" +#WEB_SERVER_CUSTOM_CONFIG_FILE="${WEB_SERVER_CONFIG_DIRECTORY}/external.conf" PIHOLE_DEFAULT_AD_LISTS="${PIHOLE_DIRECTORY}/adlists.default" PIHOLE_USER_DEFINED_AD_LISTS="${PIHOLE_DIRECTORY}/adlists.list" @@ -116,25 +116,25 @@ PIHOLE_WEB_SERVER_ERROR_LOG_FILE="${WEB_SERVER_LOG_DIRECTORY}/error.log" # An array of operating system "pretty names" that we officialy support # We can loop through the array at any time to see if it matches a value -SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS") +#SUPPORTED_OS=("Raspbian" "Ubuntu" "Fedora" "Debian" "CentOS") # Store Pi-hole's processes in an array for easy use and parsing PIHOLE_PROCESSES=( "dnsmasq" "lighttpd" "pihole-FTL" ) # Store the required directories in an array so it can be parsed through -REQUIRED_DIRECTORIES=("${CORE_GIT_DIRECTORY}" -"${CRON_D_DIRECTORY}" -"${DNSMASQ_D_DIRECTORY}" -"${PIHOLE_DIRECTORY}" -"${PIHOLE_SCRIPTS_DIRECTORY}" -"${BIN_DIRECTORY}" -"${RUN_DIRECTORY}" -"${LOG_DIRECTORY}" -"${WEB_SERVER_LOG_DIRECTORY}" -"${WEB_SERVER_CONFIG_DIRECTORY}" -"${HTML_DIRECTORY}" -"${WEB_GIT_DIRECTORY}" -"${BLOCK_PAGE_DIRECTORY}") +#REQUIRED_DIRECTORIES=("${CORE_GIT_DIRECTORY}" +#"${CRON_D_DIRECTORY}" +#"${DNSMASQ_D_DIRECTORY}" +#"${PIHOLE_DIRECTORY}" +#"${PIHOLE_SCRIPTS_DIRECTORY}" +#"${BIN_DIRECTORY}" +#"${RUN_DIRECTORY}" +#"${LOG_DIRECTORY}" +#"${WEB_SERVER_LOG_DIRECTORY}" +#"${WEB_SERVER_CONFIG_DIRECTORY}" +#"${HTML_DIRECTORY}" +#"${WEB_GIT_DIRECTORY}" +#"${BLOCK_PAGE_DIRECTORY}") # Store the required directories in an array so it can be parsed through REQUIRED_FILES=("${PIHOLE_CRON_FILE}" @@ -898,7 +898,7 @@ parse_file() { for file_lines in "${file_info[@]}"; do if [[ ! -z "${file_lines}" ]]; then # don't include the Web password hash - [[ "${file_linesline}" =~ ^\#.*$ || ! "${file_lines}" || "${file_lines}" == "WEBPASSWORD="* ]] && continue + [[ "${file_lines}" =~ ^\#.*$ || ! "${file_lines}" || "${file_lines}" == "WEBPASSWORD="* ]] && continue # otherwise, display the lines of the file log_write " ${file_lines}" fi From 20e0bca71d4005a99cbbe25430e9d5df62e928cc Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 23:45:36 +0100 Subject: [PATCH 071/277] add some more linters to stickler Signed-off-by: Adam Warner --- .stickler.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.stickler.yml b/.stickler.yml index b96fc2e7..d254899a 100644 --- a/.stickler.yml +++ b/.stickler.yml @@ -1,3 +1,6 @@ linters: shellcheck: shell: bash + phpcs: + css: + flake8: From 18b24535fe65e5ae1d878deaffab7edce7706456 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 15 Apr 2018 23:46:52 +0100 Subject: [PATCH 072/277] Lets try the correct name for csslint Signed-off-by: Adam Warner --- .stickler.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.stickler.yml b/.stickler.yml index d254899a..0eaae8cb 100644 --- a/.stickler.yml +++ b/.stickler.yml @@ -2,5 +2,5 @@ linters: shellcheck: shell: bash phpcs: - css: + csslint: flake8: From 88d4108f920740e0408ccc4703330d3364b5b6fd Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 17 Apr 2018 09:50:25 +0100 Subject: [PATCH 073/277] - Add new whipstail to choose from example blocklists on new install - remove adlists.default - do not copy non-existent adlists.default on run of gravity Signed-off-by: Adam Warner --- adlists.default | 23 ------------------ automated install/basic-install.sh | 38 ++++++++++++++++++++++++++++++ gravity.sh | 6 +---- 3 files changed, 39 insertions(+), 28 deletions(-) delete mode 100644 adlists.default diff --git a/adlists.default b/adlists.default deleted file mode 100644 index cbc1bfb3..00000000 --- a/adlists.default +++ /dev/null @@ -1,23 +0,0 @@ -# The below list amalgamates several lists we used previously. -# See `https://github.com/StevenBlack/hosts` for details -##StevenBlack's list -https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts - -##MalwareDomains -https://mirror1.malwaredomains.com/files/justdomains - -##Cameleon -http://sysctl.org/cameleon/hosts - -##Zeustracker -https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist - -##Disconnect.me Tracking -https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt - -##Disconnect.me Ads -https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt - -##Hosts-file.net -https://hosts-file.net/ad_servers.txt - diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 160039ce..87e10751 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -49,6 +49,7 @@ PI_HOLE_FILES=(chronometer list piholeDebug piholeLogFlush setupLCD update versi PI_HOLE_INSTALL_DIR="/opt/pihole" useUpdateVars=false +adlistFile="/etc/pihole/adlists.list" # Pi-hole needs an IP address; to begin, these variables are empty since we don't know what the IP is until # this script can run IPV4_ADDRESS="" @@ -955,6 +956,39 @@ setAdminFlag() { esac } +# A function to display a list of example blocklists for users to select +chooseBlocklists() { + # Let user select (or not) blocklists via a checklist + cmd=(whiptail --separate-output --checklist "In order to block ads Pi-Hole relies on blacklists, either sourced from third party curated lists, or through building up a custom blacklist.\\n\\nBelow you will find some examples of third party lists.\\n\\nPlease note, the installation can be completed without any of these lists selected, but nothing will be blocked until you add your own." "${r}" "${c}" 7) + # In an array, show the options available (all off by default): + options=(StevenBlack "StevenBlack's Unified Hosts List" off + MalwareDom "MalwareDomains" off + Cameleon "Cameleon" off + ZeusTracker "ZeusTracker" off + DisconTrack "Disconnect.me Tracking" off + DisconAd "Disconnect.me Ads" off + HostsFile "Hosts-file.net Ads" off) + + # In a variable, show the choices available; exit if Cancel is selected + choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } + # For each choice available, + for choice in ${choices} + do + # Set the values to true + case ${choice} in + StevenBlack ) echo "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts" >> "${adlistFile}";; + MalwareDom ) echo "https://mirror1.malwaredomains.com/files/justdomains" >> "${adlistFile}";; + Cameleon ) echo "http://sysctl.org/cameleon/hosts" >> "${adlistFile}";; + ZeusTracker ) echo "https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist" >> "${adlistFile}";; + DisconTrack ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt" >> "${adlistFile}";; + DisconAd ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> "${adlistFile}";; + HostsFile ) echo "https://hosts-file.net/ad_servers.txt" >> "${adlistFile}";; + esac + done + + +} + # Check if /etc/dnsmasq.conf is from pi-hole. If so replace with an original and install new in .d directory version_check_dnsmasq() { # Local, named variables @@ -2100,6 +2134,10 @@ main() { chooseInterface # Decide what upstream DNS Servers to use setDNS + # If adlists.list file does not exist, give the user the choice of adding some example lists + if [[ ! -f "${adlistFile}" ]]; then + chooseBlocklists + fi # Let the user decide if they want to block ads over IPv4 and/or IPv6 use4andor6 # Let the user decide if they want the web interface to be installed automatically diff --git a/gravity.sh b/gravity.sh index 5806dea7..848fe574 100755 --- a/gravity.sh +++ b/gravity.sh @@ -20,11 +20,9 @@ basename="pihole" PIHOLE_COMMAND="/usr/local/bin/${basename}" piholeDir="/etc/${basename}" -piholeRepo="/etc/.${basename}" adListFile="${piholeDir}/adlists.list" adListDefault="${piholeDir}/adlists.default" -adListRepoDefault="${piholeRepo}/adlists.default" whitelistFile="${piholeDir}/whitelist.txt" blacklistFile="${piholeDir}/blacklist.txt" @@ -133,9 +131,7 @@ gravity_GetBlocklistUrls() { # Determine if adlists file needs handling if [[ ! -f "${adListFile}" ]]; then - # Create "adlists.list" by copying "adlists.default" from internal core repo - cp "${adListRepoDefault}" "${adListFile}" 2> /dev/null || \ - echo -e " ${CROSS} Unable to copy ${adListFile##*/} from ${piholeRepo}" + echo -e " ${CROSS} No adlists file found. Nothing to do!" elif [[ -f "${adListDefault}" ]] && [[ -f "${adListFile}" ]]; then # Remove superceded $adListDefault file rm "${adListDefault}" 2> /dev/null || \ From 2e4f49a223cc2ef83aca361eaa92d50fda05f6b6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 17 Apr 2018 16:22:10 +0100 Subject: [PATCH 074/277] Default all to on, change up wording. This commit can be rolled back, it's just an option! Signed-off-by: Adam Warner --- automated install/basic-install.sh | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 87e10751..cce15fa3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -959,15 +959,15 @@ setAdminFlag() { # A function to display a list of example blocklists for users to select chooseBlocklists() { # Let user select (or not) blocklists via a checklist - cmd=(whiptail --separate-output --checklist "In order to block ads Pi-Hole relies on blacklists, either sourced from third party curated lists, or through building up a custom blacklist.\\n\\nBelow you will find some examples of third party lists.\\n\\nPlease note, the installation can be completed without any of these lists selected, but nothing will be blocked until you add your own." "${r}" "${c}" 7) + cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 7) # In an array, show the options available (all off by default): - options=(StevenBlack "StevenBlack's Unified Hosts List" off - MalwareDom "MalwareDomains" off - Cameleon "Cameleon" off - ZeusTracker "ZeusTracker" off - DisconTrack "Disconnect.me Tracking" off - DisconAd "Disconnect.me Ads" off - HostsFile "Hosts-file.net Ads" off) + options=(StevenBlack "StevenBlack's Unified Hosts List" on + MalwareDom "MalwareDomains" on + Cameleon "Cameleon" on + ZeusTracker "ZeusTracker" on + DisconTrack "Disconnect.me Tracking" on + DisconAd "Disconnect.me Ads" on + HostsFile "Hosts-file.net Ads" on) # In a variable, show the choices available; exit if Cancel is selected choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } @@ -984,9 +984,7 @@ chooseBlocklists() { DisconAd ) echo "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" >> "${adlistFile}";; HostsFile ) echo "https://hosts-file.net/ad_servers.txt" >> "${adlistFile}";; esac - done - - + done } # Check if /etc/dnsmasq.conf is from pi-hole. If so replace with an original and install new in .d directory From b6b1dcb275021674ad030709a83a22b563adce4d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 17 Apr 2018 19:35:46 +0100 Subject: [PATCH 075/277] delete adlists.list if user cancels out of this dialog Signed-off-by: Adam Warner --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index cce15fa3..5b274e47 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -957,10 +957,10 @@ setAdminFlag() { } # A function to display a list of example blocklists for users to select -chooseBlocklists() { +chooseBlocklists() { # Let user select (or not) blocklists via a checklist cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 7) - # In an array, show the options available (all off by default): + # In an array, show the options available (all off by default): options=(StevenBlack "StevenBlack's Unified Hosts List" on MalwareDom "MalwareDomains" on Cameleon "Cameleon" on @@ -970,7 +970,7 @@ chooseBlocklists() { HostsFile "Hosts-file.net Ads" on) # In a variable, show the choices available; exit if Cancel is selected - choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } + choices=$("${cmd[@]}" "${options[@]}" 2>&1 >/dev/tty) || { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; rm "${adlistFile}" ;exit 1; } # For each choice available, for choice in ${choices} do From 7455ac9bfbb60054cec5c88247ba934ab3dd7ab4 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 17 Apr 2018 19:46:36 +0100 Subject: [PATCH 076/277] Run chooseBlocklists on EVERY reconfigure, not only if the adlist file does not esist. Signed-off-by: Adam Warner --- automated install/basic-install.sh | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5b274e47..7faed6d3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -958,6 +958,10 @@ setAdminFlag() { # A function to display a list of example blocklists for users to select chooseBlocklists() { + # Back up any existing adlist file, on the off chance that it exists. Useful in case of a reconfigure. + if [[ -f "${adlistFile}" ]]; then + mv "${adlistFile}" "${adlistFile}.old" + fi # Let user select (or not) blocklists via a checklist cmd=(whiptail --separate-output --checklist "Pi-hole relies on third party lists in order to block ads.\\n\\nYou can use the suggestions below, and/or add your own after installation\\n\\nTo deselect any list, use the arrow keys and spacebar" "${r}" "${c}" 7) # In an array, show the options available (all off by default): @@ -1708,7 +1712,7 @@ update_dialogs() { strAdd="You will be updated to the latest version." fi opt2a="Reconfigure" - opt2b="This will allow you to enter new settings" + opt2b="This will reset your Pi-hole and allow you to enter new settings." # Display the information to the user UpdateCmd=$(whiptail --title "Existing Install Detected!" --menu "\\n\\nWe have detected an existing install.\\n\\nPlease choose from the following options: \\n($strAdd)" ${r} ${c} 2 \ @@ -2132,10 +2136,8 @@ main() { chooseInterface # Decide what upstream DNS Servers to use setDNS - # If adlists.list file does not exist, give the user the choice of adding some example lists - if [[ ! -f "${adlistFile}" ]]; then - chooseBlocklists - fi + # Give the user a choice of blocklists to include in their install. Or not. + chooseBlocklists # Let the user decide if they want to block ads over IPv4 and/or IPv6 use4andor6 # Let the user decide if they want the web interface to be installed automatically From e401651f0974810e596ed486a4eecaaf3f8c6e27 Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Wed, 18 Apr 2018 04:11:32 +0100 Subject: [PATCH 077/277] Update https://github.com/pi-hole/pi-hole/pull/2115 + Patch existing systems with the new variable changes using 'accountForRefactor' + Prompt user to install webserver --- automated install/basic-install.sh | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 79fe17bf..2ea37528 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -964,9 +964,25 @@ setAdminFlag() { echo -e " ${INFO} Web Interface Off" # or false INSTALL_WEB_INTERFACE=false - INSTALL_WEB_SERVER=false ;; esac + + # Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default). + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then + WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?" ${r} ${c} 6) + # with the default being enabled + WebChooseOptions=("On (Recommended)" "" on + Off "" off) + WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}" && exit 1) + # Depending on their choice + case ${WebChoices} in + Off) + echo -e " ${INFO} Web Server Off" + # or false + INSTALL_WEB_SERVER=false + ;; + esac + fi } # Check if /etc/dnsmasq.conf is from pi-hole. If so replace with an original and install new in .d directory @@ -1593,6 +1609,15 @@ accountForRefactor() { sed -i 's/piholeIPv6/IPV6_ADDRESS/g' ${setupVars} sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars} sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars} + sed -i 's/^INSTALL_WEB=/INSTALL_WEB_INTERFACE=/' ${setupVars} + # Add 'INSTALL_WEB_SERVER', if its not been applied already: https://github.com/pi-hole/pi-hole/pull/2115 + if ! grep -q '^INSTALL_WEB_SERVER=' ${setupVars}; then + local webserver_installed=false + if grep -q '^INSTALL_WEB_INTERFACE=true' ${setupVars}; then + webserver_installed=true + fi + echo -e "INSTALL_WEB_SERVER=$webserver_installed" >> ${setupVars} + fi } updatePihole() { From 47c1071bb890407c6ba936673633fa48218b7416 Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Wed, 18 Apr 2018 04:24:48 +0100 Subject: [PATCH 078/277] Minor + Add info in regards to disabling web server install: https://github.com/pi-hole/pi-hole/pull/2115 --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 2ea37528..7b264320 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -969,7 +969,7 @@ setAdminFlag() { # Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default). if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?" ${r} ${c} 6) + WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\n\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." ${r} ${c} 6) # with the default being enabled WebChooseOptions=("On (Recommended)" "" on Off "" off) From c2c1dc74693fbf7d9e13208e63d0dc271a91deee Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Wed, 18 Apr 2018 04:38:07 +0100 Subject: [PATCH 079/277] Ensuring bot pleasure https://github.com/pi-hole/pi-hole/pull/2115#pullrequestreview-113066748 --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7b264320..d3330995 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -969,7 +969,7 @@ setAdminFlag() { # Request user to install web server, if --disable-install-webserver has not been used (INSTALL_WEB_SERVER=true is default). if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\n\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." ${r} ${c} 6) + WebToggleCommand=(whiptail --separate-output --radiolist "Do you wish to install the web server (lighttpd)?\\n\\nNB: If you disable this, and, do not have an existing webserver installed, the web interface will not function." "${r}" "${c}" 6) # with the default being enabled WebChooseOptions=("On (Recommended)" "" on Off "" off) From 24b8b4e904b976b1fb91cc9ef66cdf693dcf0966 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 18 Apr 2018 17:12:20 +0200 Subject: [PATCH 080/277] Add backend changes for supporting a local recursive DNS server Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index ce6c34d2..b04b55aa 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -149,6 +149,10 @@ ProcessDNSSettings() { let COUNTER=COUNTER+1 done + if [ ! -z "${LOCAL_RECURSIVE}" ]; then + add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_RECURSIVE}" + fi + delete_dnsmasq_setting "domain-needed" if [[ "${DNS_FQDN_REQUIRED}" == true ]]; then @@ -525,6 +529,16 @@ SetPrivacyLevel() { changeFTLsetting "PRIVACYLEVEL" "${args[2]}" fi } +SetLocalRecursivePort() { + # Ensure port is a natural number { 0, 1, 2, 3, ... } + if [[ "${1}" == "0" ]]; then + delete_setting "LOCAL_RECURSIVE" + ProcessDNSSettings + elif [[ "${1}" =~ ^[0-9]+$ ]]; then + change_setting "LOCAL_RECURSIVE" "${1}" + ProcessDNSSettings + fi +} main() { args=("$@") @@ -556,6 +570,7 @@ main() { "adlist" ) CustomizeAdLists;; "audit" ) audit;; "-l" | "privacylevel" ) SetPrivacyLevel;; + "localrecursivedns" ) SetLocalRecursivePort "$3";; * ) helpFunc;; esac From ce35509a40a08ed61b7788e49b4677826ab0e75f Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 18 Apr 2018 17:30:51 +0200 Subject: [PATCH 081/277] Change command to "pihole -a localdnsport X" Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index b04b55aa..21623eea 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -149,8 +149,8 @@ ProcessDNSSettings() { let COUNTER=COUNTER+1 done - if [ ! -z "${LOCAL_RECURSIVE}" ]; then - add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_RECURSIVE}" + if [ ! -z "${LOCAL_DNS_PORT}" ]; then + add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_DNS_PORT}" fi delete_dnsmasq_setting "domain-needed" @@ -529,13 +529,13 @@ SetPrivacyLevel() { changeFTLsetting "PRIVACYLEVEL" "${args[2]}" fi } -SetLocalRecursivePort() { +SetLocalDNSport() { # Ensure port is a natural number { 0, 1, 2, 3, ... } if [[ "${1}" == "0" ]]; then - delete_setting "LOCAL_RECURSIVE" + delete_setting "LOCAL_DNS_PORT" ProcessDNSSettings elif [[ "${1}" =~ ^[0-9]+$ ]]; then - change_setting "LOCAL_RECURSIVE" "${1}" + change_setting "LOCAL_DNS_PORT" "${1}" ProcessDNSSettings fi } @@ -570,7 +570,7 @@ main() { "adlist" ) CustomizeAdLists;; "audit" ) audit;; "-l" | "privacylevel" ) SetPrivacyLevel;; - "localrecursivedns" ) SetLocalRecursivePort "$3";; + "localdnsport" ) SetLocalDNSport "$3";; * ) helpFunc;; esac From 255cfb7d626633fa99a9f00b6e1662b8b23a2fca Mon Sep 17 00:00:00 2001 From: Rowan Date: Thu, 19 Apr 2018 19:30:30 +0100 Subject: [PATCH 082/277] Fixed typo in README Signed-off-by: Rowan Wookey --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5119fd8c..60c54f87 100644 --- a/README.md +++ b/README.md @@ -148,7 +148,7 @@ Some notable features include: There are several ways to [access the dashboard](https://discourse.pi-hole.net/t/how-do-i-access-pi-holes-dashboard-admin-interface/3168): 1. `http:///admin/` -2. `http:/pi.hole/admin/` (when using Pi-hole as your DNS server) +2. `http://pi.hole/admin/` (when using Pi-hole as your DNS server) 3. `http://pi.hole/` (when using Pi-hole as your DNS server) ## Faster-than-light Engine From 55fce489bc46ffe9c977ca78ab3b79641bcb569c Mon Sep 17 00:00:00 2001 From: Michele Bologna Date: Thu, 19 Apr 2018 23:31:43 +0200 Subject: [PATCH 083/277] Fix: add psmisc as dependency MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Debian 9.4 does not install `psmisc` by default and the following error will happen during installation: ``` [✗] /usr/local/bin/pihole: line 353: killall: command not found /usr/local/bin/pihole: line 364: killall: command not found ``` This patch adds `psmisc` (that contains `killall`) as dependency Signed-off-by: Michele Bologna --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 160039ce..c473d0c9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -163,7 +163,7 @@ if command -v apt-get &> /dev/null; then # These programs are stored in an array so they can be looped through later INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) + PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) # The Web dashboard has some that also need to be installed # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) @@ -1589,7 +1589,7 @@ updatePihole() { # Install base files and web interface installScripts # Install config files - installConfigs + installConfigs # If the user wants to install the dasboard, if [[ "${INSTALL_WEB}" == true ]]; then # do so From eccea8a911b3e1714b3feea9596c1c958e6bf0c0 Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Sat, 21 Apr 2018 08:27:31 +0100 Subject: [PATCH 084/277] Minor + Fix indentation + Stick with case, add "On" to provide INFO print out, although its not technically required as INSTALL_WEB_SERVER=true is default value. --- automated install/basic-install.sh | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d3330995..4cc106fe 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -974,15 +974,20 @@ setAdminFlag() { WebChooseOptions=("On (Recommended)" "" on Off "" off) WebChoices=$("${WebToggleCommand[@]}" "${WebChooseOptions[@]}" 2>&1 >/dev/tty) || (echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}" && exit 1) - # Depending on their choice - case ${WebChoices} in - Off) - echo -e " ${INFO} Web Server Off" - # or false - INSTALL_WEB_SERVER=false - ;; - esac - fi + # Depending on their choice + case ${WebChoices} in + "On (Recommended)") + echo -e " ${INFO} Web Server On" + # set it to true, as clearly seen below. + INSTALL_WEB_SERVER=true + ;; + Off) + echo -e " ${INFO} Web Server Off" + # or false + INSTALL_WEB_SERVER=false + ;; + esac + fi } # Check if /etc/dnsmasq.conf is from pi-hole. If so replace with an original and install new in .d directory From 60bcca54eb2b0f89fc897a83e4ff94ca39ca2927 Mon Sep 17 00:00:00 2001 From: "Daniel (Fourdee)" Date: Sat, 21 Apr 2018 08:29:21 +0100 Subject: [PATCH 085/277] Minor + indentation --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4cc106fe..2429c6f3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -979,12 +979,12 @@ setAdminFlag() { "On (Recommended)") echo -e " ${INFO} Web Server On" # set it to true, as clearly seen below. - INSTALL_WEB_SERVER=true + INSTALL_WEB_SERVER=true ;; Off) echo -e " ${INFO} Web Server Off" # or false - INSTALL_WEB_SERVER=false + INSTALL_WEB_SERVER=false ;; esac fi From bac9e005aed0ac10ea9dfa63123ef1b5a9b7c72d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Apr 2018 23:27:36 +0200 Subject: [PATCH 086/277] Generate gravity.list and black.list in simple domain lists format for FTLDNS. Leave local.list in HOSTS format Signed-off-by: DL6ER --- gravity.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gravity.sh b/gravity.sh index 7fdb2723..f3b98eb2 100755 --- a/gravity.sh +++ b/gravity.sh @@ -512,13 +512,13 @@ gravity_ParseBlacklistDomains() { # Empty $accretionDisc if it already exists, otherwise, create it : > "${piholeDir}/${accretionDisc}" - + if [[ -f "${piholeDir}/${whitelistMatter}" ]]; then - gravity_ParseDomainsIntoHosts "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" + mv "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" grep -c "^" "${piholeDir}/${whitelistMatter}" > "${piholeDir}/numBlocked" 2> /dev/null else # There was no whitelist file, so use preEventHorizon instead of whitelistMatter. - gravity_ParseDomainsIntoHosts "${piholeDir}/${preEventHorizon}" "${piholeDir}/${accretionDisc}" + mv "${piholeDir}/${preEventHorizon}" "${piholeDir}/${accretionDisc}" grep -c "^" "${piholeDir}/${preEventHorizon}" > "${piholeDir}/numBlocked" 2> /dev/null fi @@ -538,7 +538,7 @@ gravity_ParseUserDomains() { return 0 fi - gravity_ParseDomainsIntoHosts "${blacklistFile}" "${blackList}.tmp" + mv "${blacklistFile}" "${blackList}.tmp" # Copy the file over as /etc/pihole/black.list so dnsmasq can use it mv "${blackList}.tmp" "${blackList}" 2> /dev/null || \ echo -e "\\n ${CROSS} Unable to move ${blackList##*/}.tmp to ${piholeDir}" From d24b141d8b5aab9f0e20d08331fc094db908b005 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 21 Apr 2018 23:58:42 +0200 Subject: [PATCH 087/277] Get rid of numBlocked file, FTLDNS can now determine number of domains thanks to the new lists format Signed-off-by: DL6ER --- gravity.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index f3b98eb2..44889a60 100755 --- a/gravity.sh +++ b/gravity.sh @@ -515,11 +515,9 @@ gravity_ParseBlacklistDomains() { if [[ -f "${piholeDir}/${whitelistMatter}" ]]; then mv "${piholeDir}/${whitelistMatter}" "${piholeDir}/${accretionDisc}" - grep -c "^" "${piholeDir}/${whitelistMatter}" > "${piholeDir}/numBlocked" 2> /dev/null else # There was no whitelist file, so use preEventHorizon instead of whitelistMatter. mv "${piholeDir}/${preEventHorizon}" "${piholeDir}/${accretionDisc}" - grep -c "^" "${piholeDir}/${preEventHorizon}" > "${piholeDir}/numBlocked" 2> /dev/null fi # Move the file over as /etc/pihole/gravity.list so dnsmasq can use it From 9c29bd627e9b22ca6f16841989fbb0ccb5c89c77 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 21 Apr 2018 23:55:33 +0100 Subject: [PATCH 088/277] fix user blacklisting --- gravity.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/gravity.sh b/gravity.sh index 44889a60..4583208c 100755 --- a/gravity.sh +++ b/gravity.sh @@ -535,11 +535,10 @@ gravity_ParseUserDomains() { if [[ ! -f "${blacklistFile}" ]]; then return 0 fi - - mv "${blacklistFile}" "${blackList}.tmp" + # Copy the file over as /etc/pihole/black.list so dnsmasq can use it - mv "${blackList}.tmp" "${blackList}" 2> /dev/null || \ - echo -e "\\n ${CROSS} Unable to move ${blackList##*/}.tmp to ${piholeDir}" + cp "${blacklistFile}" "${blackList}" 2> /dev/null || \ + echo -e "\\n ${CROSS} Unable to move ${blacklistFile##*/} to ${piholeDir}" } # Trap Ctrl-C From 72c081cfd65a6baa203deb16c4541f77d83a2240 Mon Sep 17 00:00:00 2001 From: Fauxsys Date: Sun, 10 Dec 2017 23:51:54 -0500 Subject: [PATCH 089/277] Fix for unattended installations #1767 #1768 #1834 Removed updatePihole() function and updated if/then statements in installPihole() and main(). Corrected minor typos. Signed-off-by: Fauxsys --- automated install/basic-install.sh | 208 ++++++++++++----------------- 1 file changed, 84 insertions(+), 124 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b9a23a72..8b12deb0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -169,7 +169,7 @@ if command -v apt-get &> /dev/null; then else phpSqlite="sqlite" fi - # Since our install script is so large, we need several other programs to successfuly get a machine provisioned + # Since our install script is so large, we need several other programs to successfully get a machine provisioned # These programs are stored in an array so they can be looped through later INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) # Pi-hole itself has several dependencies that also need to be installed @@ -236,7 +236,7 @@ fi # A function for checking if a folder is a git repository is_repo() { - # Use a named, local variable instead of the vague $1, which is the first arguement passed to this function + # Use a named, local variable instead of the vague $1, which is the first argument passed to this function # These local variables should always be lowercase local directory="${1}" # A local variable for the current directory @@ -312,7 +312,7 @@ update_repo() { git pull --quiet &> /dev/null || return $? # Show a completion message echo -e "${OVER} ${TICK} ${str}" - # Move back into the oiginal directory + # Move back into the original directory cd "${curdir}" &> /dev/null || return 1 return 0 } @@ -324,7 +324,7 @@ getGitFiles() { local directory="${1}" # as well as the repo URL local remoteRepo="${2}" - # A local varible containing the message to be displayed + # A local variable containing the message to be displayed local str="Check for existing repository in ${1}" # Show the message echo -ne " ${INFO} ${str}..." @@ -338,7 +338,7 @@ getGitFiles() { else # Show an error echo -e "${OVER} ${CROSS} ${str}" - # Attempt to make the repository, showing an error on falure + # Attempt to make the repository, showing an error on failure make_repo "${directory}" "${remoteRepo}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } fi # echo a blank line @@ -349,11 +349,11 @@ getGitFiles() { # Reset a repo to get rid of any local changed resetRepo() { - # Use named varibles for arguments + # Use named variables for arguments local directory="${1}" # Move into the directory cd "${directory}" &> /dev/null || return 1 - # Store the message in a varible + # Store the message in a variable str="Resetting repository within ${1}..." # Show the message echo -ne " ${INFO} ${str}" @@ -391,7 +391,7 @@ get_available_interfaces() { # A function for displaying the dialogs the user sees when first running the installer welcomeDialogs() { - # Display the welcome dialog using an approriately sized window via the calculation conducted earlier in the script + # Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${r} ${c} # Request that users donate if they enjoy the software since we all work on it in our free time @@ -409,7 +409,7 @@ verifyFreeDiskSpace() { # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.) # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables. local str="Disk space check" - # Reqired space in KB + # Required space in KB local required_free_kilobytes=51200 # Calculate existing free space on this machine local existing_free_kilobytes @@ -491,7 +491,7 @@ chooseInterface() { chooseInterfaceCmd=(whiptail --separate-output --radiolist "Choose An Interface (press space to select)" ${r} ${c} ${interfaceCount}) # Now run the command using the interfaces saved into the array chooseInterfaceOptions=$("${chooseInterfaceCmd[@]}" "${interfacesArray[@]}" 2>&1 >/dev/tty) || \ - # If the user chooses Canel, exit + # If the user chooses Cancel, exit { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } # For each interface for desiredInterface in ${chooseInterfaceOptions}; do @@ -747,7 +747,7 @@ valid_ip() { # If the IP matches the format xxx.xxx.xxx.xxx, if [[ "${ip}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then - # Save the old Interfal Field Separator in a variable + # Save the old Internal Field Separator in a variable OIFS=$IFS # and set the new one to a dot (period) IFS='.' @@ -863,7 +863,7 @@ setDNS() { fi # Dialog for the user to enter custom upstream servers - piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), seperated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ + piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } # PIHOLE_DNS_1=$(echo "${piholeDNS}" | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}') @@ -890,11 +890,11 @@ setDNS() { fi # Since the settings will not work, stay in the loop DNSSettingsCorrect=False - # Othwerise, + # Otherwise, else # Show the settings if (whiptail --backtitle "Specify Upstream DNS Provider(s)" --title "Upstream DNS Provider(s)" --yesno "Are these settings correct?\\n DNS Server 1: $PIHOLE_DNS_1\\n DNS Server 2: ${PIHOLE_DNS_2}" ${r} ${c}); then - # and break from the loop since the servers are vaid + # and break from the loop since the servers are valid DNSSettingsCorrect=True # Otherwise, else @@ -928,7 +928,7 @@ setLogging() { # Set the GLOBAL variable to true so we know what they selected QUERY_LOGGING=true ;; - # Othwerise, it's off, + # Otherwise, it's off, Off) echo -e " ${INFO} Logging Off." # So set it to false @@ -1096,7 +1096,7 @@ installScripts() { cd "${PI_HOLE_LOCAL_REPO}" # Install the scripts by: # -o setting the owner to the user - # -Dm755 create all leading components of destiantion except the last, then copy the source to the destiantion and setting the permissions to 755 + # -Dm755 create all leading components of destination except the last, then copy the source to the destination and setting the permissions to 755 # # This first one is the directory install -o "${USER}" -Dm755 -d "${PI_HOLE_INSTALL_DIR}" @@ -1402,7 +1402,7 @@ installPiholeWeb() { # If the Web server user is lighttpd, if [[ "$LIGHTTPD_USER" == "lighttpd" ]]; then # Allow executing pihole via sudo with Fedora - # Usually /usr/local/bin is not permitted as directory for sudoable programms + # Usually /usr/local/bin is not permitted as directory for sudoable programs echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole fi # Set the strict permissions on the file @@ -1456,11 +1456,11 @@ configureFirewall() { echo "" # If a firewall is running, if firewall-cmd --state &> /dev/null; then - # ask if the user wants to install Pi-hole's default firwall rules + # ask if the user wants to install Pi-hole's default firewall rules whiptail --title "Firewall in use" --yesno "We have detected a running firewall\\n\\nPi-hole currently requires HTTP and DNS port access.\\n\\n\\n\\nInstall Pi-hole default firewall rules?" ${r} ${c} || \ { echo -e " ${INFO} Not installing firewall rulesets."; return 0; } echo -e " ${TICK} Configuring FirewallD for httpd and pihole-FTL" - # Allow HTTP and DNS traffice + # Allow HTTP and DNS traffic firewall-cmd --permanent --add-service=http --add-service=dns # Reload the firewall to apply these changes firewall-cmd --reload @@ -1508,7 +1508,7 @@ finalExports() { # If the setup variable file exists, if [[ -e "${setupVars}" ]]; then # update the variables in the file - sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" + sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" fi # echo the information to the user { @@ -1557,6 +1557,27 @@ installLogrotate() { echo -e "${OVER} ${TICK} ${str}" } +# At some point in the future this list can be pruned, for now we'll need it to ensure updates don't break. +# Refactoring of install script has changed the name of a couple of variables. Sort them out here. +accountForRefactor() { + sed -i 's/piholeInterface/PIHOLE_INTERFACE/g' ${setupVars} + sed -i 's/IPv4_address/IPV4_ADDRESS/g' ${setupVars} + sed -i 's/IPv4addr/IPV4_ADDRESS/g' ${setupVars} + sed -i 's/IPv6_address/IPV6_ADDRESS/g' ${setupVars} + sed -i 's/piholeIPv6/IPV6_ADDRESS/g' ${setupVars} + sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars} + sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars} + sed -i 's/^INSTALL_WEB=/INSTALL_WEB_INTERFACE=/' ${setupVars} + # Add 'INSTALL_WEB_SERVER', if its not been applied already: https://github.com/pi-hole/pi-hole/pull/2115 + if ! grep -q '^INSTALL_WEB_SERVER=' ${setupVars}; then + local webserver_installed=false + if grep -q '^INSTALL_WEB_INTERFACE=true' ${setupVars}; then + webserver_installed=true + fi + echo -e "INSTALL_WEB_SERVER=$webserver_installed" >> ${setupVars} + fi +} + # Install base files and web interface installPihole() { # Create the pihole user @@ -1580,15 +1601,19 @@ installPihole() { # enable fastcgi and fastcgi-php lighty-enable-mod fastcgi fastcgi-php > /dev/null || true else - # Othweise, show info about installing them + # Otherwise, show info about installing them echo -e " ${INFO} Warning: 'lighty-enable-mod' utility not found Please ensure fastcgi is enabled if you experience issues\\n" fi - fi + fi fi - # Install scripts, + # For updates and unattended install. + if [[ "${useUpdateVars}" == true ]]; then + accountForRefactor + fi + # Install base files and web interface installScripts - # configs, + # Install config files installConfigs # If the user wants to install the dashboard, if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then @@ -1602,57 +1627,14 @@ installPihole() { # Check if FTL is installed FTLdetect || echo -e " ${CROSS} FTL Engine not installed" # Configure the firewall - configureFirewall + if [[ "${useUpdateVars}" == false ]]; then + configureFirewall + fi - #update setupvars.conf with any variables that may or may not have been changed during the install + # Update setupvars.conf with any variables that may or may not have been changed during the install finalExports } -# At some point in the future this list can be pruned, for now we'll need it to ensure updates don't break. -# Refactoring of install script has changed the name of a couple of variables. Sort them out here. -accountForRefactor() { - sed -i 's/piholeInterface/PIHOLE_INTERFACE/g' ${setupVars} - sed -i 's/IPv4_address/IPV4_ADDRESS/g' ${setupVars} - sed -i 's/IPv4addr/IPV4_ADDRESS/g' ${setupVars} - sed -i 's/IPv6_address/IPV6_ADDRESS/g' ${setupVars} - sed -i 's/piholeIPv6/IPV6_ADDRESS/g' ${setupVars} - sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars} - sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars} - sed -i 's/^INSTALL_WEB=/INSTALL_WEB_INTERFACE=/' ${setupVars} - # Add 'INSTALL_WEB_SERVER', if its not been applied already: https://github.com/pi-hole/pi-hole/pull/2115 - if ! grep -q '^INSTALL_WEB_SERVER=' ${setupVars}; then - local webserver_installed=false - if grep -q '^INSTALL_WEB_INTERFACE=true' ${setupVars}; then - webserver_installed=true - fi - echo -e "INSTALL_WEB_SERVER=$webserver_installed" >> ${setupVars} - fi -} - -updatePihole() { - accountForRefactor - # Install base files and web interface - installScripts - # Install config files - installConfigs - # If the user wants to install the dasboard, - if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then - # do so - installPiholeWeb - fi - # Install the cron file - installCron - # Install logrotate - installLogrotate - # Detect if FTL is installed - FTLdetect || echo -e " ${CROSS} FTL Engine not installed." - - #update setupvars.conf with any variables that may or may not have been changed during the install - finalExports - -} - - # SELinux checkSelinux() { # If the getenforce command exists, @@ -1713,7 +1695,7 @@ update_dialogs() { opt1a="Repair" opt1b="This will retain existing settings" strAdd="You will remain on the same version" - # Othweise, + # Otherwise, else # set some variables with different values opt1a="Update" @@ -1853,7 +1835,7 @@ FTLinstall() { fi fi return 0 - # Otherise, + # Otherwise, else # the download failed, so just go back to the original directory popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } @@ -2142,61 +2124,39 @@ main() { setAdminFlag # Let the user decide if they want query logging enabled... setLogging - # Clone/Update the repos - clone_or_update_repos - - # Install the Core dependencies - local dep_install_list=("${PIHOLE_DEPS[@]}") - if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - # Install the Web dependencies - dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") - fi - - install_dependent_packages dep_install_list[@] - unset dep_install_list - - # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user - # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail - if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - enable_service lighttpd - fi - - if [[ -x "$(command -v systemctl)" ]]; then - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) - else - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true) - fi - - # Install and log everything to a file - installPihole | tee -a /proc/$$/fd/3 else # Source ${setupVars} to use predefined user variables in the functions source ${setupVars} - - # Clone/Update the repos - clone_or_update_repos - - # Install the Core dependencies - local dep_install_list=("${PIHOLE_DEPS[@]}") - if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - # Install the Web dependencies - dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") - fi - - install_dependent_packages dep_install_list[@] - unset dep_install_list - - if [[ -x "$(command -v systemctl)" ]]; then - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) - else - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true) - fi - updatePihole | tee -a /proc/$$/fd/3 fi + # Clone/Update the repos + clone_or_update_repos + + # Install the Core dependencies + local dep_install_list=("${PIHOLE_DEPS[@]}") + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then + # Install the Web dependencies + dep_install_list+=("${PIHOLE_WEB_DEPS[@]}") + fi + + install_dependent_packages dep_install_list[@] + unset dep_install_list + + # On some systems, lighttpd is not enabled on first install. We need to enable it here if the user + # has chosen to install the web interface, else the `LIGHTTPD_ENABLED` check will fail + if [[ "${INSTALL_WEB_SERVER}" == true ]]; then + enable_service lighttpd + fi + + if [[ -x "$(command -v systemctl)" ]]; then + # Value will either be 1, if true, or 0 + LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) + else + # Value will either be 1, if true, or 0 + LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true) + fi + + # Install and log everything to a file + installPihole | tee -a /proc/$$/fd/3 # Copy the temp log file into final log location for storage copy_to_install_log From 8ead0b54830e59cd090ec317227916d441f05f7d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 23 Apr 2018 11:59:39 +0100 Subject: [PATCH 090/277] @fourdee dropped this: `/` Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index b9a23a72..50f112e6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1508,7 +1508,7 @@ finalExports() { # If the setup variable file exists, if [[ -e "${setupVars}" ]]; then # update the variables in the file - sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" + sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;' "${setupVars}" fi # echo the information to the user { From 1d8ea9e8693b4a1a38a1cf45516ce032c1130a1d Mon Sep 17 00:00:00 2001 From: bcambl Date: Sun, 22 Apr 2018 13:53:15 -0600 Subject: [PATCH 091/277] Fix static IP checking on Fedora This bug was introduced by #1758 where the CIDR was removed from the static IP check. The CIDR was acting as a boundary so we need to test for a boundary or a slash character. Signed-off-by: bcambl --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c473d0c9..2da8e785 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -689,7 +689,7 @@ setStaticIPv4() { IFCFG_FILE=/etc/sysconfig/network-scripts/ifcfg-${PIHOLE_INTERFACE} IPADDR=$(echo "${IPV4_ADDRESS}" | cut -f1 -d/) # check if the desired IP is already set - if grep -q "${IPADDR}" "${IFCFG_FILE}"; then + if grep -Eq "${IPADDR}(\\b|\\/)" "${IFCFG_FILE}"; then echo -e " ${INFO} Static IP already configured" # Otherwise, else From ceaf4bc6bcfc1c6ad12dd57773dea2f9947a9a3e Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 23 Apr 2018 20:46:57 +0100 Subject: [PATCH 092/277] Some extra code made it's way into the dev branch. Not entirely sure how that happened... related to #2115 Signed-off-by: Adam Warner --- advanced/Scripts/update.sh | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index d2b31948..89e97fdf 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -113,24 +113,6 @@ main() { echo -e " ${INFO} Pi-hole Core:\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi - if FTLcheckUpdate ; then - FTL_update=true - echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" - else - FTL_update=false - echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" - fi - - # Logic: Don't update FTL when there is a core update available - # since the core update will run the installer which will itself - # re-install (i.e. update) FTL - if ${FTL_update} && ! ${core_update}; then - echo "" - echo -e " ${INFO} FTL out of date" - FTLdetect - echo "" - fi - if [[ "${INSTALL_WEB_INTERFACE}" == true ]]; then if ! is_repo "${ADMIN_INTERFACE_DIR}" ; then echo -e "\\n ${COL_LIGHT_RED}Error: Web Admin repo is missing from system! From 43f19034b9a4915c3bce680add731118fa501a56 Mon Sep 17 00:00:00 2001 From: MichaIng <28480705+MichaIng@users.noreply.github.com> Date: Sat, 28 Apr 2018 15:17:29 +0200 Subject: [PATCH 093/277] "INSTALL_WEB" renamed to "INSTALL_WEB_INTERFACE" #2115 + Small fix, as due to PR https://github.com/pi-hole/pi-hole/pull/2115 variable "INSTALL_WEB" was renamed into "INSTALL_WEB_INTERFACE". --- advanced/Scripts/piholeCheckout.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 589bb76e..71457f9b 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -157,7 +157,7 @@ checkout() { echo "" echo -e " ${INFO} Pi-hole Core" fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "development" || { echo " ${CROSS} Unable to pull Core developement branch"; exit 1; } - if [[ "${INSTALL_WEB}" == "true" ]]; then + if [[ "${INSTALL_WEB_INTERFACE}" == "true" ]]; then echo "" echo -e " ${INFO} Web interface" fetch_checkout_pull_branch "${webInterfaceDir}" "devel" || { echo " ${CROSS} Unable to pull Web development branch"; exit 1; } @@ -173,7 +173,7 @@ checkout() { echo -e " ${INFO} Shortcut \"master\" detected - checking out master branches..." echo -e " ${INFO} Pi-hole core" fetch_checkout_pull_branch "${PI_HOLE_FILES_DIR}" "master" || { echo " ${CROSS} Unable to pull Core master branch"; exit 1; } - if [[ ${INSTALL_WEB} == "true" ]]; then + if [[ ${INSTALL_WEB_INTERFACE} == "true" ]]; then echo -e " ${INFO} Web interface" fetch_checkout_pull_branch "${webInterfaceDir}" "master" || { echo " ${CROSS} Unable to pull Web master branch"; exit 1; } fi @@ -209,7 +209,7 @@ checkout() { exit 1 fi checkout_pull_branch "${PI_HOLE_FILES_DIR}" "${2}" - elif [[ "${1}" == "web" ]] && [[ "${INSTALL_WEB}" == "true" ]] ; then + elif [[ "${1}" == "web" ]] && [[ "${INSTALL_WEB_INTERFACE}" == "true" ]] ; then str="Fetching branches from ${webInterfaceGitUrl}" echo -ne " ${INFO} $str" if ! fully_fetch_repo "${webInterfaceDir}" ; then From 0c8a32b9ae3fdada94839f065e9816a16b8c09eb Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sun, 29 Apr 2018 18:27:10 +0100 Subject: [PATCH 094/277] No need to stop services This causes issues on a `pihole -r reconfigure` Signed-off-by: Adam Warner --- automated install/basic-install.sh | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e8901193..7a031466 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2113,23 +2113,6 @@ main() { welcomeDialogs # Create directory for Pi-hole storage mkdir -p /etc/pihole/ - - #Do we need to stop pihole-FTL or dnsmasq(if coming from an old install)? - if [[ $(which pihole-FTL 2>/dev/null) ]]; then - if pihole-FTL --resolver > /dev/null; then - stop_service pihole-FTL - else - stop_service dnsmasq - fi - else - if [[ $(which dnsmasq 2>/dev/null) ]]; then - stop_service dnsmasq - fi - fi - - if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - stop_service lighttpd - fi # Determine available interfaces get_available_interfaces # Find interfaces and let the user choose one From 5f2217a0791a1232c7af911e6b2b98ebd341d135 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 30 Apr 2018 21:45:03 +0100 Subject: [PATCH 095/277] Fix for gravity.list not being emptied with an empty/missing adlist file. Variable output depending on content of /existence of adlist Signed-off-by: Adam Warner --- gravity.sh | 57 +++++++++++++++++++++++++++++++++--------------------- 1 file changed, 35 insertions(+), 22 deletions(-) diff --git a/gravity.sh b/gravity.sh index 05f4d972..58419029 100755 --- a/gravity.sh +++ b/gravity.sh @@ -44,6 +44,8 @@ skipDownload="false" resolver="pihole-FTL" +haveSourceUrls=true + # Source setupVars from install script setupVars="${piholeDir}/setupVars.conf" if [[ -f "${setupVars}" ]];then @@ -129,18 +131,12 @@ gravity_CheckDNSResolutionAvailable() { gravity_GetBlocklistUrls() { echo -e " ${INFO} ${COL_BOLD}Neutrino emissions detected${COL_NC}..." - # Determine if adlists file needs handling - if [[ ! -f "${adListFile}" ]]; then - echo -e " ${CROSS} No adlists file found. Nothing to do!" - elif [[ -f "${adListDefault}" ]] && [[ -f "${adListFile}" ]]; then + if [[ -f "${adListDefault}" ]] && [[ -f "${adListFile}" ]]; then # Remove superceded $adListDefault file rm "${adListDefault}" 2> /dev/null || \ echo -e " ${CROSS} Unable to remove ${adListDefault}" fi - local str="Pulling blocklist source list into range" - echo -ne " ${INFO} ${str}..." - # Retrieve source URLs from $adListFile # Logic: Remove comments and empty lines mapfile -t sources <<< "$(grep -v -E "^(#|$)" "${adListFile}" 2> /dev/null)" @@ -156,11 +152,15 @@ gravity_GetBlocklistUrls() { }' <<< "$(printf '%s\n' "${sources[@]}")" 2> /dev/null )" + local str="Pulling blocklist source list into range" + if [[ -n "${sources[*]}" ]] && [[ -n "${sourceDomains[*]}" ]]; then echo -e "${OVER} ${TICK} ${str}" else echo -e "${OVER} ${CROSS} ${str}" - gravity_Cleanup "error" + echo -e " ${INFO} No source list found, or it is empty" + echo "" + haveSourceUrls=false fi } @@ -374,7 +374,9 @@ gravity_ConsolidateDownloadedBlocklists() { local str lastLine str="Consolidating blocklists" - echo -ne " ${INFO} ${str}..." + if [[ "${haveSourceUrls}" == true ]]; then + echo -ne " ${INFO} ${str}..." + fi # Empty $matterAndLight if it already exists, otherwise, create it : > "${piholeDir}/${matterAndLight}" @@ -393,8 +395,9 @@ gravity_ConsolidateDownloadedBlocklists() { fi fi done - - echo -e "${OVER} ${TICK} ${str}" + if [[ "${haveSourceUrls}" == true ]]; then + echo -e "${OVER} ${TICK} ${str}" + fi } # Parse consolidated list into (filtered, unique) domains-only format @@ -402,24 +405,33 @@ gravity_SortAndFilterConsolidatedList() { local str num str="Extracting domains from blocklists" - echo -ne " ${INFO} ${str}..." + if [[ "${haveSourceUrls}" == true ]]; then + echo -ne " ${INFO} ${str}..." + fi # Parse into hosts file gravity_ParseFileIntoDomains "${piholeDir}/${matterAndLight}" "${piholeDir}/${parsedMatter}" # Format $parsedMatter line total as currency num=$(printf "%'.0f" "$(wc -l < "${piholeDir}/${parsedMatter}")") - echo -e "${OVER} ${TICK} ${str} - ${INFO} Number of domains being pulled in by gravity: ${COL_BLUE}${num}${COL_NC}" + if [[ "${haveSourceUrls}" == true ]]; then + echo -e "${OVER} ${TICK} ${str}" + fi + echo -e " ${INFO} Number of domains being pulled in by gravity: ${COL_BLUE}${num}${COL_NC}" str="Removing duplicate domains" - echo -ne " ${INFO} ${str}..." - sort -u "${piholeDir}/${parsedMatter}" > "${piholeDir}/${preEventHorizon}" - echo -e "${OVER} ${TICK} ${str}" + if [[ "${haveSourceUrls}" == true ]]; then + echo -ne " ${INFO} ${str}..." + fi - # Format $preEventHorizon line total as currency - num=$(printf "%'.0f" "$(wc -l < "${piholeDir}/${preEventHorizon}")") - echo -e " ${INFO} Number of unique domains trapped in the Event Horizon: ${COL_BLUE}${num}${COL_NC}" + sort -u "${piholeDir}/${parsedMatter}" > "${piholeDir}/${preEventHorizon}" + + if [[ "${haveSourceUrls}" == true ]]; then + echo -e "${OVER} ${TICK} ${str}" + # Format $preEventHorizon line total as currency + num=$(printf "%'.0f" "$(wc -l < "${piholeDir}/${preEventHorizon}")") + echo -e " ${INFO} Number of unique domains trapped in the Event Horizon: ${COL_BLUE}${num}${COL_NC}" + fi } # Whitelist user-defined domains @@ -531,7 +543,6 @@ gravity_ParseUserDomains() { if [[ ! -f "${blacklistFile}" ]]; then return 0 fi - # Copy the file over as /etc/pihole/black.list so dnsmasq can use it cp "${blacklistFile}" "${blackList}" 2> /dev/null || \ echo -e "\\n ${CROSS} Unable to move ${blacklistFile##*/} to ${piholeDir}" @@ -618,7 +629,9 @@ if [[ "${skipDownload}" == false ]]; then # Gravity needs to download blocklists gravity_CheckDNSResolutionAvailable gravity_GetBlocklistUrls - gravity_SetDownloadOptions + if [[ "${haveSourceUrls}" == true ]]; then + gravity_SetDownloadOptions + fi gravity_ConsolidateDownloadedBlocklists gravity_SortAndFilterConsolidatedList else From 68d7337f98b2ae8fac9b87206251598bef613f4d Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 30 Apr 2018 23:42:41 +0100 Subject: [PATCH 096/277] switch up dnsmasq detection logic Signed-off-by: Adam Warner --- automated install/basic-install.sh | 39 ++++++++++++++---------------- 1 file changed, 18 insertions(+), 21 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index c0d7f2ed..7fa8bf6e 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1853,23 +1853,20 @@ FTLinstall() { popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } # Install the FTL service echo -e "${OVER} ${TICK} ${str}" - # If the --resolver flag returns True (exit code 0), then we can safely stop & disable dnsmasq - if pihole-FTL --resolver > /dev/null; then - if which dnsmasq > /dev/null; then - if check_service_active "dnsmasq";then - echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" - stop_service dnsmasq - disable_service dnsmasq - fi - fi - - #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` - confdir="conf-dir=/etc/dnsmasq.d" - conffile="/etc/dnsmasq.conf" - if ! grep -q "$confdir" "$conffile"; then - echo "$confdir" >> "$conffile" - fi + # dnsmasq can now be stopped and disabled + if check_service_active "dnsmasq";then + echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" + stop_service dnsmasq + disable_service dnsmasq fi + + #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` + confdir="conf-dir=/etc/dnsmasq.d" + conffile="/etc/dnsmasq.conf" + if ! grep -q "$confdir" "$conffile"; then + echo "$confdir" >> "$conffile" + fi + return 0 # Otherwise, else @@ -2025,6 +2022,11 @@ FTLdetect() { echo "" echo -e " ${INFO} FTL Checks..." + # if dnsmasq is running at this point, force reinstall of FTL Binary + if check_service_active "dnsmasq";then + FTLinstall "${binary}" || return 1 + fi + if FTLcheckUpdate ; then FTLinstall "${binary}" || return 1 fi @@ -2197,11 +2199,6 @@ main() { echo -e " ${INFO} Restarting services..." # Start services - # Only start and enable dnsmasq if FTL does not have the --resolver switch - if ! pihole-FTL --resolver > /dev/null; then - start_service dnsmasq - enable_service dnsmasq - fi # If the Web server was installed, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then From e946a35b181fb3fb51f772b0dc14eb2b546630ca Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 30 Apr 2018 23:50:35 +0100 Subject: [PATCH 097/277] Move dnsmasq check into FTLcheckUpdate Signed-off-by: Adam Warner --- automated install/basic-install.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 7fa8bf6e..57878e9a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1971,6 +1971,11 @@ FTLcheckUpdate() local remoteSha1 local localSha1 + # if dnsmasq is running at this point, force reinstall of FTL Binary + if check_service_active "dnsmasq";then + return 1 + fi + if [[ ! "${ftlBranch}" == "master" ]]; then if [[ ${ftlLoc} ]]; then # We already have a pihole-FTL binary downloaded. @@ -2022,11 +2027,6 @@ FTLdetect() { echo "" echo -e " ${INFO} FTL Checks..." - # if dnsmasq is running at this point, force reinstall of FTL Binary - if check_service_active "dnsmasq";then - FTLinstall "${binary}" || return 1 - fi - if FTLcheckUpdate ; then FTLinstall "${binary}" || return 1 fi From a07891e3e6abfe8059e642ca5807907cbf7f9744 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Mon, 30 Apr 2018 23:53:51 +0100 Subject: [PATCH 098/277] 0 is not 1!! Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 57878e9a..e7c5cd55 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1973,7 +1973,7 @@ FTLcheckUpdate() # if dnsmasq is running at this point, force reinstall of FTL Binary if check_service_active "dnsmasq";then - return 1 + return 0 fi if [[ ! "${ftlBranch}" == "master" ]]; then From 8ad37af70ee884c3d863755b32f87dea35681ae5 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 1 May 2018 00:28:55 -0600 Subject: [PATCH 099/277] CentOS install re-worked to include PHP7 via Remi repository Signed-off-by: bcambl --- automated install/basic-install.sh | 71 +++++++++++++++++++++++++++--- 1 file changed, 64 insertions(+), 7 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e7c5cd55..753f1211 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -217,14 +217,71 @@ elif command -v rpm &> /dev/null; then PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) - PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php php-common php-cli php-pdo) - # EPEL (https://fedoraproject.org/wiki/EPEL) is required for lighttpd on CentOS - if grep -qi 'centos' /etc/redhat-release; then - INSTALLER_DEPS=("${INSTALLER_DEPS[@]}" "epel-release"); + PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) + LIGHTTPD_USER="lighttpd" + LIGHTTPD_GROUP="lighttpd" + LIGHTTPD_CFG="lighttpd.conf.fedora" + # If the host OS is Fedora, + if grep -qi 'fedora' /etc/redhat-release; then + # all required packages should be available by default with the latest fedora release + : # continue + # or if host OS is CentOS, + elif grep -qi 'centos' /etc/redhat-release; then + # Pi-Hole currently supports CentOS 7+ with PHP7+ + SUPPORTED_CENTOS_VERSION=7 + SUPPORTED_CENTOS_PHP_VERSION=7 + # Check current CentOS major release version + CURRENT_CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release) + # Check if CentOS version is supported + if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then + echo -e " ${CROSS} CentOS $CURRENT_CENTOS_VERSION is not suported." + echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later" + # exit the installer + exit + fi + # on CentOS we need to add the EPEL repository to gain access to Fedora packages + EPEL_PKG="epel-release" + rpm -q ${EPEL_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + echo -e " ${INFO} Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)" + "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null + echo -e " ${TICK} Installed ${EPEL_PKG}" + fi + + # The default php on CentOS 7.x is 5.4 which is EOL + # Check if the version of PHP available via installed repositories is >= to PHP 7 + AVAILABLE_PHP_VERSION=$(${PKG_MANAGER} info php | grep -i version | grep -o '[0-9]\+' | head -1) + if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then + # Since PHP 7 is available by default, install via default PHP package names + : # do nothing as PHP is current + else + REMI_PKG="remi-release" + REMI_REPO="remi-php72" + rpm -q ${REMI_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + # The PHP version available via default repositories is older than version 7 + if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${r} ${c}; then + # User decided to NOT update PHP from REMI, attempt to install the default available PHP version + echo -e " ${INFO} User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use." + : # continue with unsupported php version + else + echo -e " ${INFO} Enabling Remi's RPM repository (https://rpms.remirepo.net)" + "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null + # enable the PHP 7 repository via yum-config-manager (provided by yum-utils) + "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null + yum-config-manager --enable ${REMI_REPO} &> /dev/null + echo -e " ${TICK} Remi's RPM repository has been enabled for PHP7" + + fi + fi + fi + else + # If not a supported version of Fedora or CentOS, + echo -e " ${CROSS} Unsupported RPM based distribution" + # exit the installer + exit fi - LIGHTTPD_USER="lighttpd" - LIGHTTPD_GROUP="lighttpd" - LIGHTTPD_CFG="lighttpd.conf.fedora" + # If neither apt-get or rmp/dnf are found else From a6e4b0fea567d83e9667b12f1a96a1d3c0ed0493 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 1 May 2018 21:59:12 +0100 Subject: [PATCH 100/277] - Test for existence of remote non-master branch of FTL before attemtping to check for update - Move some functions from checkout to basic-install - provide helpful error message on downlaod not existing Signed-off-by: Adam Warner --- advanced/Scripts/piholeCheckout.sh | 88 ++--------------------------- advanced/Scripts/update.sh | 11 +++- automated install/basic-install.sh | 89 ++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 84 deletions(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 71457f9b..65bb5b7a 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -17,92 +17,14 @@ source "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" # piholeGitURL set in basic-install.sh # is_repo() sourced from basic-install.sh # setupVars set in basic-install.sh +# check_download_exists sourced from basic-install.sh +# fully_fetch_repo sourced from basic-install.sh +# get_available_branches sourced from basic-install.sh +# fetch_checkout_pull_branch sourced from basic-install.sh +# checkout_pull_branch sourced from basic-install.sh source "${setupVars}" -coltable="/opt/pihole/COL_TABLE" -source ${coltable} - -check_download_exists() { - status=$(curl --head --silent "https://ftl.pi-hole.net/${1}" | head -n 1) - if grep -q "404" <<< "$status"; then - return 1 - else - return 0 - fi -} - -fully_fetch_repo() { - # Add upstream branches to shallow clone - local directory="${1}" - - cd "${directory}" || return 1 - if is_repo "${directory}"; then - git remote set-branches origin '*' || return 1 - git fetch --quiet || return 1 - else - return 1 - fi - return 0 -} - -get_available_branches() { - # Return available branches - local directory - directory="${1}" - local output - - cd "${directory}" || return 1 - # Get reachable remote branches, but store STDERR as STDOUT variable - output=$( { git remote show origin | grep 'tracked' | sed 's/tracked//;s/ //g'; } 2>&1 ) - echo "$output" - return -} - -fetch_checkout_pull_branch() { - # Check out specified branch - local directory - directory="${1}" - local branch - branch="${2}" - - # Set the reference for the requested branch, fetch, check it put and pull it - cd "${directory}" || return 1 - git remote set-branches origin "${branch}" || return 1 - git stash --all --quiet &> /dev/null || true - git clean --quiet --force -d || true - git fetch --quiet || return 1 - checkout_pull_branch "${directory}" "${branch}" || return 1 -} - -checkout_pull_branch() { - # Check out specified branch - local directory - directory="${1}" - local branch - branch="${2}" - local oldbranch - - cd "${directory}" || return 1 - - oldbranch="$(git symbolic-ref HEAD)" - - str="Switching to branch: '${branch}' from '${oldbranch}'" - echo -ne " ${INFO} $str" - git checkout "${branch}" --quiet || return 1 - echo -e "${OVER} ${TICK} $str" - - git_pull=$(git pull || return 1) - - if [[ "$git_pull" == *"up-to-date"* ]]; then - echo -e " ${INFO} ${git_pull}" - else - echo -e "$git_pull\\n" - fi - - return 0 -} - warning1() { echo " Please note that changing branches severely alters your Pi-hole subsystems" echo " Features that work on the master branch, may not on a development branch" diff --git a/advanced/Scripts/update.sh b/advanced/Scripts/update.sh index 89e97fdf..2279d9c7 100755 --- a/advanced/Scripts/update.sh +++ b/advanced/Scripts/update.sh @@ -133,8 +133,17 @@ main() { FTL_update=true echo -e " ${INFO} FTL:\\t\\t${COL_YELLOW}update available${COL_NC}" else + case $? in + 1) + echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" + ;; + 2) + echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_RED}Branch is not available.${COL_NC}\\n\\t\\t\\tUse ${COL_LIGHT_GREEN}pihole checkout ftl [branchname]${COL_NC} to switch to a valid branch." + ;; + *) + echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_RED}Something has gone wrong, contact support${COL_NC}" + esac FTL_update=false - echo -e " ${INFO} FTL:\\t\\t${COL_LIGHT_GREEN}up to date${COL_NC}" fi if [[ "${core_update}" == false && "${web_update}" == false && "${FTL_update}" == false ]]; then diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e7c5cd55..4059ea1d 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1762,6 +1762,86 @@ update_dialogs() { esac } +check_download_exists() { + status=$(curl --head --silent "https://ftl.pi-hole.net/${1}" | head -n 1) + if grep -q "404" <<< "$status"; then + return 1 + else + return 0 + fi +} + +fully_fetch_repo() { + # Add upstream branches to shallow clone + local directory="${1}" + + cd "${directory}" || return 1 + if is_repo "${directory}"; then + git remote set-branches origin '*' || return 1 + git fetch --quiet || return 1 + else + return 1 + fi + return 0 +} + +get_available_branches() { + # Return available branches + local directory + directory="${1}" + local output + + cd "${directory}" || return 1 + # Get reachable remote branches, but store STDERR as STDOUT variable + output=$( { git remote show origin | grep 'tracked' | sed 's/tracked//;s/ //g'; } 2>&1 ) + echo "$output" + return +} + +fetch_checkout_pull_branch() { + # Check out specified branch + local directory + directory="${1}" + local branch + branch="${2}" + + # Set the reference for the requested branch, fetch, check it put and pull it + cd "${directory}" || return 1 + git remote set-branches origin "${branch}" || return 1 + git stash --all --quiet &> /dev/null || true + git clean --quiet --force -d || true + git fetch --quiet || return 1 + checkout_pull_branch "${directory}" "${branch}" || return 1 +} + +checkout_pull_branch() { + # Check out specified branch + local directory + directory="${1}" + local branch + branch="${2}" + local oldbranch + + cd "${directory}" || return 1 + + oldbranch="$(git symbolic-ref HEAD)" + + str="Switching to branch: '${branch}' from '${oldbranch}'" + echo -ne " ${INFO} $str" + git checkout "${branch}" --quiet || return 1 + echo -e "${OVER} ${TICK} $str" + + git_pull=$(git pull || return 1) + + if [[ "$git_pull" == *"up-to-date"* ]]; then + echo -e " ${INFO} ${git_pull}" + else + echo -e "$git_pull\\n" + fi + + return 0 +} + clone_or_update_repos() { # If the user wants to reconfigure, if [[ "${reconfigure}" == true ]]; then @@ -1977,6 +2057,15 @@ FTLcheckUpdate() fi if [[ ! "${ftlBranch}" == "master" ]]; then + #Check whether or not the binary for this FTL branch actually exists. If not, then there is no update! + local path + path="${ftlBranch}/${binary}" + # shellcheck disable=SC1090 + if ! check_download_exists "$path"; then + echo -e " ${INFO} Branch \"${ftlBranch}\" is not available.\\n ${INFO} Use ${COL_LIGHT_GREEN}pihole checkout ftl [branchname]${COL_NC} to switch to a valid branch." + return 2 + fi + if [[ ${ftlLoc} ]]; then # We already have a pihole-FTL binary downloaded. # Alt branches don't have a tagged version against them, so just confirm the checksum of the local vs remote to decide whether we download or not From 76654c7856b00a25ace1dd31019f78337d59f5a0 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Thu, 3 May 2018 21:16:31 +0100 Subject: [PATCH 101/277] Actually check for dnsmasq's existence before attempting to interact with it's service Signed-off-by: Adam Warner --- automated install/basic-install.sh | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4059ea1d..3100ce58 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1933,11 +1933,13 @@ FTLinstall() { popd > /dev/null || { echo "Unable to return to original directory after FTL binary download."; return 1; } # Install the FTL service echo -e "${OVER} ${TICK} ${str}" - # dnsmasq can now be stopped and disabled - if check_service_active "dnsmasq";then - echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" - stop_service dnsmasq - disable_service dnsmasq + # dnsmasq can now be stopped and disabled if it exists + if which dnsmasq > /dev/null; then + if check_service_active "dnsmasq";then + echo " ${INFO} FTL can now resolve DNS Queries without dnsmasq running separately" + stop_service dnsmasq + disable_service dnsmasq + fi fi #ensure /etc/dnsmasq.conf contains `conf-dir=/etc/dnsmasq.d` @@ -2051,9 +2053,11 @@ FTLcheckUpdate() local remoteSha1 local localSha1 - # if dnsmasq is running at this point, force reinstall of FTL Binary - if check_service_active "dnsmasq";then - return 0 + # if dnsmasq exists and is running at this point, force reinstall of FTL Binary + if which dnsmasq > /dev/null; then + if check_service_active "dnsmasq";then + return 0 + fi fi if [[ ! "${ftlBranch}" == "master" ]]; then From ec3802c180385edf2d092a87619c76062440a314 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 3 May 2018 23:41:42 -0600 Subject: [PATCH 102/277] add 'which' dependency (missing on Fedora minimal) Signed-off-by: bcambl --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 753f1211..878f2785 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -215,7 +215,7 @@ elif command -v rpm &> /dev/null; then UPDATE_PKG_CACHE=":" PKG_INSTALL=(${PKG_MANAGER} install -y) PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" - INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng) + INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng which) PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) LIGHTTPD_USER="lighttpd" From d3dda443cd03aa6a9ad3b1c87d3d12a68c9bb60d Mon Sep 17 00:00:00 2001 From: bcambl Date: Fri, 4 May 2018 00:02:47 -0600 Subject: [PATCH 103/277] flip uninstall compatability check Signed-off-by: bcambl --- automated install/uninstall.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4c58a1..b58c3ecb 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -53,16 +53,7 @@ if [[ "${INSTALL_WEB_SERVER}" == true ]]; then fi # Compatability -if [ -x "$(command -v rpm)" ]; then - # Fedora Family - PKG_REMOVE="${PKG_MANAGER} remove -y" - package_check() { - rpm -qa | grep ^$1- > /dev/null - } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - } -elif [ -x "$(command -v apt-get)" ]; then +if [ -x "$(command -v apt-get)" ]; then # Debian Family PKG_REMOVE="${PKG_MANAGER} -y remove --purge" package_check() { @@ -72,6 +63,15 @@ elif [ -x "$(command -v apt-get)" ]; then ${SUDO} ${PKG_MANAGER} -y autoremove ${SUDO} ${PKG_MANAGER} -y autoclean } +elif [ -x "$(command -v rpm)" ]; then + # Fedora Family + PKG_REMOVE="${PKG_MANAGER} remove -y" + package_check() { + rpm -qa | grep ^$1- > /dev/null + } + package_cleanup() { + ${SUDO} ${PKG_MANAGER} -y autoremove + } else echo -e " ${CROSS} OS distribution not supported" exit 1 From 2ef76d5e3152c4b35e639c3659c74befc68bc7ed Mon Sep 17 00:00:00 2001 From: DL6ER Date: Fri, 4 May 2018 22:19:39 +0200 Subject: [PATCH 104/277] Remove LOCAL_DNS_PORT support Signed-off-by: DL6ER --- advanced/Scripts/webpage.sh | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 21623eea..8a85839f 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -149,9 +149,13 @@ ProcessDNSSettings() { let COUNTER=COUNTER+1 done - if [ ! -z "${LOCAL_DNS_PORT}" ]; then - add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_DNS_PORT}" - fi + # The option LOCAL_DNS_PORT is deprecated + # We apply it once more, and then convert it into the current format + if [ ! -z "${LOCAL_DNS_PORT}" ]; then + add_dnsmasq_setting "server" "127.0.0.1#${LOCAL_DNS_PORT}" + add_setting "PIHOLE_DNS_${COUNTER}" "127.0.0.1#${LOCAL_DNS_PORT}" + delete_setting "LOCAL_DNS_PORT" + fi delete_dnsmasq_setting "domain-needed" @@ -529,16 +533,6 @@ SetPrivacyLevel() { changeFTLsetting "PRIVACYLEVEL" "${args[2]}" fi } -SetLocalDNSport() { - # Ensure port is a natural number { 0, 1, 2, 3, ... } - if [[ "${1}" == "0" ]]; then - delete_setting "LOCAL_DNS_PORT" - ProcessDNSSettings - elif [[ "${1}" =~ ^[0-9]+$ ]]; then - change_setting "LOCAL_DNS_PORT" "${1}" - ProcessDNSSettings - fi -} main() { args=("$@") @@ -570,7 +564,6 @@ main() { "adlist" ) CustomizeAdLists;; "audit" ) audit;; "-l" | "privacylevel" ) SetPrivacyLevel;; - "localdnsport" ) SetLocalDNSport "$3";; * ) helpFunc;; esac From 31951dae4c8dbefb7606251dfa800fcefe6614df Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 11 May 2018 14:31:42 +1000 Subject: [PATCH 105/277] Update index.php Avoiding calling empty() on a function allows this to work under PHP5. Making the check for blocklist generation in this way instead is compatible with both PHP5 and PHP7. Signed-off-by: Rob Gill --- advanced/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index d097fe0f..041939a7 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -102,7 +102,8 @@ if ($serverName === "pi.hole") { $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated -if (empty(glob("/etc/pihole/list.0.*.domains"))) +$blocklistglob = glob("/etc/pihole/list.0.*.domains"); +if ($blocklistglob = "") die("[ERROR] There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); // Set location of adlists file From 5e99baf7b9b9ae81ec3d07dd44919732d8dc31fc Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 11 May 2018 14:52:30 +1000 Subject: [PATCH 106/277] Update index.php thanks stickler-ci ....... Signed-off-by: Rob Gill --- advanced/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 041939a7..0f22908f 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -103,8 +103,9 @@ $bpAskAdmin = !empty($svEmail) ? '/etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); +} // Set location of adlists file if (is_file("/etc/pihole/adlists.list")) { From 9379487942ec0f9f733ac18de7b9a215503190ca Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 12 May 2018 10:49:01 +1000 Subject: [PATCH 107/277] changes as requested changes as requested Signed-off-by: Rob Gill --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 0f22908f..5503d604 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -103,7 +103,7 @@ $bpAskAdmin = !empty($svEmail) ? '/etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); } From 382c19024f6d7927a3684e9a77f7ae3e4252fdf6 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 12 May 2018 10:53:44 +1000 Subject: [PATCH 108/277] oh stickler bot... accidentally a space Signed-off-by: Rob Gill --- advanced/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/index.php b/advanced/index.php index 5503d604..1575bafc 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -103,7 +103,7 @@ $bpAskAdmin = !empty($svEmail) ? '/etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); } From c1ecfbfe63961850f5d8f311fe9be2db08321de4 Mon Sep 17 00:00:00 2001 From: bcambl Date: Sat, 12 May 2018 19:39:17 -0600 Subject: [PATCH 109/277] linting: Double quote to prevent globbing and word splitting Signed-off-by: bcambl --- automated install/uninstall.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b58c3ecb..2bcf66bb 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -60,17 +60,17 @@ if [ -x "$(command -v apt-get)" ]; then dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" } package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - ${SUDO} ${PKG_MANAGER} -y autoclean + "${SUDO} ${PKG_MANAGER}" -y autoremove + "${SUDO} ${PKG_MANAGER}" -y autoclean } elif [ -x "$(command -v rpm)" ]; then # Fedora Family PKG_REMOVE="${PKG_MANAGER} remove -y" package_check() { - rpm -qa | grep ^$1- > /dev/null + rpm -qa | grep "^$1-" > /dev/null } package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove + "${SUDO} ${PKG_MANAGER}" -y autoremove } else echo -e " ${CROSS} OS distribution not supported" From adf2275018ea9e20b11c87d175d32530c35e30ba Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:38:12 +1000 Subject: [PATCH 110/277] unbind resolved on ubuntu 18.04 Stop systemd-resolved from interfering with dnsmasq/ftl Signed-off-by: Rob Gill --- automated install/basic-install.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3100ce58..d4984061 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2304,6 +2304,25 @@ main() { fi fi + # resolved and dnsmasq can't share port 53. + # resolved needs to remain in place for installer to download needed files + # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl + + # Check if running ubuntu 18.04 bionic beaver, which ships with resolved active on port 53 + # (This check may need to be broadened for other systems running resolved?) + if ( lsb_release -a | grep 'Ubuntu 18.04' &> /dev/null ); then + # Running ubuntu 18.04, so check if resolved is running, + if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then + # if resolveconf is running unbind it from port 53 + # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running + echo -e "Unbinding resolved from port 53" + # Make a backup of the original /etc/systemd/resolveconf.d + # (This will need to be restored on uninstallation) + sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + systemctl restart systemd-resolved + fi + fi + # Enable FTL start_service pihole-FTL enable_service pihole-FTL From 3d3e7a330cf8809bd53254eb5a5a660fdb3f8053 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:44:23 +1000 Subject: [PATCH 111/277] restore resolvd.conf If dnsmasq is removed, resolved will need to be restored. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4c58a1..68eeec45 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -165,6 +165,13 @@ removeNoPurge() { ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null echo -e " ${TICK} Removed config files" + # Restore resolved + if [[ -e /etc/systemd/resolved.conf.orig ]]; then + systemctl disable systemd-resolved + cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + systemctl enable systemd-resolved + fi + # Remove FTL if command -v pihole-FTL &> /dev/null; then echo -ne " ${INFO} Removing pihole-FTL..." From 97809277df1ebe3f8a6546c9c4f0de5e75508c33 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 14 May 2018 19:50:58 +1000 Subject: [PATCH 112/277] Update uninstall.sh Signed-off-by: Rob Gill > --- automated install/uninstall.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 68eeec45..b339ed2c 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -168,7 +168,7 @@ removeNoPurge() { # Restore resolved if [[ -e /etc/systemd/resolved.conf.orig ]]; then systemctl disable systemd-resolved - cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf systemctl enable systemd-resolved fi From 2f24e5ceb732d75d1c70967c9a3abe19a73f3fab Mon Sep 17 00:00:00 2001 From: RamSet Date: Mon, 14 May 2018 12:21:20 -0600 Subject: [PATCH 113/277] Minor correction for double instance of the word "found". Signed-off-by: RamSet --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index cb75861b..b3f532af 100755 --- a/pihole +++ b/pihole @@ -232,7 +232,7 @@ Options: # Handle notices if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then - echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} found within block lists" + echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" exit 0 elif [[ -z "${results[*]}" ]]; then # Result found in WL/BL/Wildcards From b89a78ce1787dd917e604cbc6372473aacd36d4c Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 15 May 2018 19:42:18 +1000 Subject: [PATCH 114/277] message text Signed-off-by: Rob Gill > --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d4984061..f5d17b04 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2315,7 +2315,7 @@ main() { if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then # if resolveconf is running unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Unbinding resolved from port 53" + echo -e "Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolveconf.d # (This will need to be restored on uninstallation) sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf From 25d0e125e58a3a921911be0257a9651a9606e459 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 15 May 2018 20:23:36 +1000 Subject: [PATCH 115/277] relocate as function The check for systemd-resolved DNSStubListener, and disabling as necessary is a new function, called just prior to start_service pihole-FTL. The check for ubuntu bionic 18.04 specifically is removed. The check if resolved is enabled is made with check_service_active() An additional check that the dnsstublistener is enabled is made. Signed-off-by: Rob Gill --- automated install/basic-install.sh | 39 ++++++++++++++++-------------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f5d17b04..155e9f90 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1265,6 +1265,25 @@ check_service_active() { fi } +# Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. +# Resolved needs to remain in place for installer to download needed files +# so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl +disable_resolved_stublistener() { + # Check if Systemd-resolved's DNSSTub listener is enabled and active on port 53 + if check_service_active "systemd-resolved"; then + # Check if DNSStubListener is enabled + if ( grep '#DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then + # Disable the DNSStubListener to unbind it from port 53 + # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running + echo -e "Disabling systemd-resolved DNSStubListener" + # Make a backup of the original /etc/systemd/resolved.conf + # (This will need to be restored on uninstallation) + sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + systemctl restart systemd-resolved + fi + fi +} + update_package_cache() { # Running apt-get update/upgrade with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) @@ -2304,24 +2323,8 @@ main() { fi fi - # resolved and dnsmasq can't share port 53. - # resolved needs to remain in place for installer to download needed files - # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl - - # Check if running ubuntu 18.04 bionic beaver, which ships with resolved active on port 53 - # (This check may need to be broadened for other systems running resolved?) - if ( lsb_release -a | grep 'Ubuntu 18.04' &> /dev/null ); then - # Running ubuntu 18.04, so check if resolved is running, - if (systemctl is-enabled systemd-resolved | grep -c 'enabled' || true); then - # if resolveconf is running unbind it from port 53 - # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Disabling systemd-resolved DNSStubListener" - # Make a backup of the original /etc/systemd/resolveconf.d - # (This will need to be restored on uninstallation) - sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf - systemctl restart systemd-resolved - fi - fi + # Check for and if necessary disable systemd-resolved-DNSStubListener + disable_resolved_stublistener # Enable FTL start_service pihole-FTL From a431c829cbbecfbcfb6036047776fc6f4df73cd9 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:11:23 +1000 Subject: [PATCH 116/277] Regex & case fix grep & sed regexes match commented or uncommented Signed-off-by: Rob Gill --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 155e9f90..d9efa280 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1269,16 +1269,16 @@ check_service_active() { # Resolved needs to remain in place for installer to download needed files # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { - # Check if Systemd-resolved's DNSSTub listener is enabled and active on port 53 + # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 if check_service_active "systemd-resolved"; then # Check if DNSStubListener is enabled - if ( grep '#DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then + if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then # Disable the DNSStubListener to unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running echo -e "Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) - sed -i.orig 's/#DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf systemctl restart systemd-resolved fi fi From c400b914e5d46765a8613c1745ad67778b753a77 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:28:32 +1000 Subject: [PATCH 117/277] Update basic-install.sh Force reloading of relsolved config where available Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index d9efa280..47462723 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1279,7 +1279,7 @@ disable_resolved_stublistener() { # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf - systemctl restart systemd-resolved + systemctl reload-or-restart systemd-resolved fi fi } From 15f0ba839f5f4979d3cc43397dfc4090910cc198 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 16 May 2018 07:35:22 +1000 Subject: [PATCH 118/277] reload resloved reload resolved config if possible, restart otherwise Signed-off-by: Rob Gill --- automated install/uninstall.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b339ed2c..70f8eeb3 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -167,9 +167,8 @@ removeNoPurge() { # Restore resolved if [[ -e /etc/systemd/resolved.conf.orig ]]; then - systemctl disable systemd-resolved ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf - systemctl enable systemd-resolved + systemctl reload-or-restart systemd-resolved fi # Remove FTL From 8cfe89604af7d699b75b29fbede39f789636ffb8 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 17 May 2018 07:44:07 +1000 Subject: [PATCH 119/277] user-facing messages Signed-off-by: Rob Gill --- automated install/basic-install.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 47462723..07a4adc1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1266,21 +1266,28 @@ check_service_active() { } # Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. -# Resolved needs to remain in place for installer to download needed files +# Resolved needs to remain in place for installer to download needed files, # so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { + echo -en " ${INFO} Testing if systemd-resolved is enabled" # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 if check_service_active "systemd-resolved"; then # Check if DNSStubListener is enabled + echo -en " ${OVER} ${INFO} Testing if systemd-resolved DNSStub-Listener is active" if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then # Disable the DNSStubListener to unbind it from port 53 # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running - echo -e "Disabling systemd-resolved DNSStubListener" + echo -en "${OVER} ${TICK} Disabling systemd-resolved DNSStubListener" # Make a backup of the original /etc/systemd/resolved.conf # (This will need to be restored on uninstallation) sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + echo -e " and restarting systemd-resolved" systemctl reload-or-restart systemd-resolved + else + echo -e "${OVER} ${INFO} Systemd-resolved does not need to be restarted" fi + else + echo -e "${OVER} ${INFO} Systemd-resolved is not enabled" fi } From 20ccb7b5589bc7f1b2f225995f4c9f0c3bf385aa Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 21 May 2018 08:16:53 +1000 Subject: [PATCH 120/277] move & clarify comments --- automated install/basic-install.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 07a4adc1..3a8fe928 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1266,8 +1266,6 @@ check_service_active() { } # Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. -# Resolved needs to remain in place for installer to download needed files, -# so this change needs to be made after installation is complete, but before resarting dnsmasq/ftl disable_resolved_stublistener() { echo -en " ${INFO} Testing if systemd-resolved is enabled" # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 @@ -2316,8 +2314,11 @@ main() { fi fi - echo -e " ${INFO} Restarting services..." - # Start services + # Check for and disable systemd-resolved-DNSStubListener before reloading resolved + # DNSStubListener needs to remain in place for installer to download needed files, + # so this change needs to be made after installation is complete, + # but before starting or resarting the dnsmasq or ftl services + disable_resolved_stublistener # If the Web server was installed, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then @@ -2330,8 +2331,8 @@ main() { fi fi - # Check for and if necessary disable systemd-resolved-DNSStubListener - disable_resolved_stublistener + echo -e " ${INFO} Restarting services..." + # Start services # Enable FTL start_service pihole-FTL From 1911c3690d2970cb03741266dd44adf12be0e61c Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 29 May 2018 17:59:39 +1000 Subject: [PATCH 121/277] Style/Tabs to spaces uninstall.sh contains a mix of tabs and spaces for indentation in different parts of the file. Everywhere that used tabs has been converted to spaces, compatible with the indentation style used in basic_install.sh No code has been altered, only the use of tabs and spaces in indention. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 208 ++++++++++++++++----------------- 1 file changed, 104 insertions(+), 104 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 2f4c58a1..a077ff44 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -11,29 +11,29 @@ source "/opt/pihole/COL_TABLE" while true; do - read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn - case ${yn} in - [Yy]* ) break;; - [Nn]* ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn + case ${yn} in + [Yy]* ) break;; + [Nn]* ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; * ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; - esac + esac done # Must be root to uninstall str="Root user check" if [[ ${EUID} -eq 0 ]]; then - echo -e " ${TICK} ${str}" + echo -e " ${TICK} ${str}" else - # Check if sudo is actually installed - # If it isn't, exit because the uninstall can not complete - if [ -x "$(command -v sudo)" ]; then - export SUDO="sudo" - else + # Check if sudo is actually installed + # If it isn't, exit because the uninstall can not complete + if [ -x "$(command -v sudo)" ]; then + export SUDO="sudo" + else echo -e " ${CROSS} ${str} Script called with non-root privileges The Pi-hole requires elevated privleges to uninstall" - exit 1 - fi + exit 1 + fi fi readonly PI_HOLE_FILES_DIR="/etc/.pihole" @@ -54,115 +54,115 @@ fi # Compatability if [ -x "$(command -v rpm)" ]; then - # Fedora Family - PKG_REMOVE="${PKG_MANAGER} remove -y" - package_check() { - rpm -qa | grep ^$1- > /dev/null - } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - } + # Fedora Family + PKG_REMOVE="${PKG_MANAGER} remove -y" + package_check() { + rpm -qa | grep ^$1- > /dev/null + } + package_cleanup() { + ${SUDO} ${PKG_MANAGER} -y autoremove + } elif [ -x "$(command -v apt-get)" ]; then - # Debian Family - PKG_REMOVE="${PKG_MANAGER} -y remove --purge" - package_check() { - dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" - } - package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - ${SUDO} ${PKG_MANAGER} -y autoclean - } + # Debian Family + PKG_REMOVE="${PKG_MANAGER} -y remove --purge" + package_check() { + dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" + } + package_cleanup() { + ${SUDO} ${PKG_MANAGER} -y autoremove + ${SUDO} ${PKG_MANAGER} -y autoclean + } else echo -e " ${CROSS} OS distribution not supported" - exit 1 + exit 1 fi removeAndPurge() { - # Purge dependencies + # Purge dependencies echo "" - for i in "${DEPS[@]}"; do - package_check ${i} > /dev/null - if [[ "$?" -eq 0 ]]; then - while true; do - read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn - case ${yn} in - [Yy]* ) + for i in "${DEPS[@]}"; do + package_check ${i} > /dev/null + if [[ "$?" -eq 0 ]]; then + while true; do + read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn + case ${yn} in + [Yy]* ) echo -ne " ${INFO} Removing ${i}..."; ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; echo -e "${OVER} ${INFO} Removed ${i}"; break;; - [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; - esac - done - else - echo -e " ${INFO} Package ${i} not installed" - fi - done + [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; + esac + done + else + echo -e " ${INFO} Package ${i} not installed" + fi + done - # Remove dnsmasq config files - ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null + # Remove dnsmasq config files + ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null echo -e " ${TICK} Removing dnsmasq config files" - # Take care of any additional package cleaning - echo -ne " ${INFO} Removing & cleaning remaining dependencies..." - package_cleanup &> /dev/null + # Take care of any additional package cleaning + echo -ne " ${INFO} Removing & cleaning remaining dependencies..." + package_cleanup &> /dev/null echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" - # Call removeNoPurge to remove Pi-hole specific files - removeNoPurge + # Call removeNoPurge to remove Pi-hole specific files + removeNoPurge } removeNoPurge() { - # Only web directories/files that are created by Pi-hole should be removed - echo -ne " ${INFO} Removing Web Interface..." - ${SUDO} rm -rf /var/www/html/admin &> /dev/null - ${SUDO} rm -rf /var/www/html/pihole &> /dev/null - ${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null + # Only web directories/files that are created by Pi-hole should be removed + echo -ne " ${INFO} Removing Web Interface..." + ${SUDO} rm -rf /var/www/html/admin &> /dev/null + ${SUDO} rm -rf /var/www/html/pihole &> /dev/null + ${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null - # If the web directory is empty after removing these files, then the parent html folder can be removed. - if [ -d "/var/www/html" ]; then - if [[ ! "$(ls -A /var/www/html)" ]]; then - ${SUDO} rm -rf /var/www/html &> /dev/null - fi - fi + # If the web directory is empty after removing these files, then the parent html folder can be removed. + if [ -d "/var/www/html" ]; then + if [[ ! "$(ls -A /var/www/html)" ]]; then + ${SUDO} rm -rf /var/www/html &> /dev/null + fi + fi echo -e "${OVER} ${TICK} Removed Web Interface" - # Attempt to preserve backwards compatibility with older versions - # to guarantee no additional changes were made to /etc/crontab after - # the installation of pihole, /etc/crontab.pihole should be permanently - # preserved. - if [[ -f /etc/crontab.orig ]]; then - ${SUDO} mv /etc/crontab /etc/crontab.pihole - ${SUDO} mv /etc/crontab.orig /etc/crontab - ${SUDO} service cron restart + # Attempt to preserve backwards compatibility with older versions + # to guarantee no additional changes were made to /etc/crontab after + # the installation of pihole, /etc/crontab.pihole should be permanently + # preserved. + if [[ -f /etc/crontab.orig ]]; then + ${SUDO} mv /etc/crontab /etc/crontab.pihole + ${SUDO} mv /etc/crontab.orig /etc/crontab + ${SUDO} service cron restart echo -e " ${TICK} Restored the default system cron" - fi + fi - # Attempt to preserve backwards compatibility with older versions - if [[ -f /etc/cron.d/pihole ]];then - ${SUDO} rm -f /etc/cron.d/pihole &> /dev/null + # Attempt to preserve backwards compatibility with older versions + if [[ -f /etc/cron.d/pihole ]];then + ${SUDO} rm -f /etc/cron.d/pihole &> /dev/null echo -e " ${TICK} Removed /etc/cron.d/pihole" - fi + fi - package_check lighttpd > /dev/null - if [[ $? -eq 1 ]]; then - ${SUDO} rm -rf /etc/lighttpd/ &> /dev/null - echo -e " ${TICK} Removed lighttpd" - else - if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then - ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf - fi - fi + package_check lighttpd > /dev/null + if [[ $? -eq 1 ]]; then + ${SUDO} rm -rf /etc/lighttpd/ &> /dev/null + echo -e " ${TICK} Removed lighttpd" + else + if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then + ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf + fi + fi - ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null - ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null - ${SUDO} rm -rf /var/log/*pihole* &> /dev/null - ${SUDO} rm -rf /etc/pihole/ &> /dev/null - ${SUDO} rm -rf /etc/.pihole/ &> /dev/null - ${SUDO} rm -rf /opt/pihole/ &> /dev/null - ${SUDO} rm -f /usr/local/bin/pihole &> /dev/null - ${SUDO} rm -f /etc/bash_completion.d/pihole &> /dev/null - ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null + ${SUDO} rm -rf /var/log/*pihole* &> /dev/null + ${SUDO} rm -rf /etc/pihole/ &> /dev/null + ${SUDO} rm -rf /etc/.pihole/ &> /dev/null + ${SUDO} rm -rf /opt/pihole/ &> /dev/null + ${SUDO} rm -f /usr/local/bin/pihole &> /dev/null + ${SUDO} rm -f /etc/bash_completion.d/pihole &> /dev/null + ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null echo -e " ${TICK} Removed config files" # Remove FTL @@ -180,15 +180,15 @@ removeNoPurge() { echo -e "${OVER} ${TICK} Removed pihole-FTL" fi - # If the pihole user exists, then remove - if id "pihole" &> /dev/null; then - ${SUDO} userdel -r pihole 2> /dev/null + # If the pihole user exists, then remove + if id "pihole" &> /dev/null; then + ${SUDO} userdel -r pihole 2> /dev/null if [[ "$?" -eq 0 ]]; then echo -e " ${TICK} Removed 'pihole' user" else echo -e " ${CROSS} Unable to remove 'pihole' user" fi - fi + fi echo -e "\n We're sorry to see you go, but thanks for checking out Pi-hole! If you need help, reach out to us on Github, Discourse, Reddit or Twitter @@ -211,10 +211,10 @@ while true; do echo -n "${i} " done echo "${COL_NC}" - read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn - case ${yn} in - [Yy]* ) removeAndPurge; break;; - [Nn]* ) removeNoPurge; break;; + read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn + case ${yn} in + [Yy]* ) removeAndPurge; break;; + [Nn]* ) removeNoPurge; break;; * ) removeAndPurge; break;; - esac + esac done From ebeab06710cb8953bd14ed80d026e1c2b78f167b Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 29 May 2018 18:59:55 +1000 Subject: [PATCH 122/277] Appease Stickler-bot So... originally no changes were made to the code, but Stickler-bot was unimpressed, so I've followed its suggestions. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index a077ff44..7d4782ba 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -57,10 +57,10 @@ if [ -x "$(command -v rpm)" ]; then # Fedora Family PKG_REMOVE="${PKG_MANAGER} remove -y" package_check() { - rpm -qa | grep ^$1- > /dev/null + rpm -qa | grep "^$1-" > /dev/null } package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove + "${SUDO}" "${PKG_MANAGER}" -y autoremove } elif [ -x "$(command -v apt-get)" ]; then # Debian Family @@ -69,8 +69,8 @@ elif [ -x "$(command -v apt-get)" ]; then dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" } package_cleanup() { - ${SUDO} ${PKG_MANAGER} -y autoremove - ${SUDO} ${PKG_MANAGER} -y autoclean + "${SUDO}" "${PKG_MANAGER}" -y autoremove + "${SUDO}" "${PKG_MANAGER}" -y autoclean } else echo -e " ${CROSS} OS distribution not supported" @@ -81,8 +81,7 @@ removeAndPurge() { # Purge dependencies echo "" for i in "${DEPS[@]}"; do - package_check ${i} > /dev/null - if [[ "$?" -eq 0 ]]; then + if package_check "${i}" > /dev/null; then while true; do read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn case ${yn} in From e6893bc419165e5a9d091b72dbe118e761eb84fd Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 29 May 2018 19:03:00 +1000 Subject: [PATCH 123/277] Update uninstall.sh Signed-off-by: Rob Gill --- automated install/uninstall.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 7d4782ba..d6bde208 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -14,8 +14,8 @@ while true; do read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn case ${yn} in [Yy]* ) break;; - [Nn]* ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; - * ) echo -e "\n ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; esac done From ff71379a8e5e88f35eda0c24b5d4c2c67bb3c778 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 31 May 2018 13:14:18 +1000 Subject: [PATCH 124/277] Convert from two to four space indetation Signed-Off-By: Rob Gill --- automated install/uninstall.sh | 300 ++++++++++++++++----------------- 1 file changed, 149 insertions(+), 151 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index d6bde208..00c28a3a 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -11,29 +11,29 @@ source "/opt/pihole/COL_TABLE" while true; do - read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn - case ${yn} in - [Yy]* ) break;; - [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; - * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; - esac + read -rp " ${QST} Are you sure you would like to remove ${COL_WHITE}Pi-hole${COL_NC}? [y/N] " yn + case ${yn} in + [Yy]* ) break;; + [Nn]* ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + * ) echo -e "${OVER} ${COL_LIGHT_GREEN}Uninstall has been cancelled${COL_NC}"; exit 0;; + esac done # Must be root to uninstall str="Root user check" if [[ ${EUID} -eq 0 ]]; then - echo -e " ${TICK} ${str}" + echo -e " ${TICK} ${str}" else - # Check if sudo is actually installed - # If it isn't, exit because the uninstall can not complete - if [ -x "$(command -v sudo)" ]; then - export SUDO="sudo" - else - echo -e " ${CROSS} ${str} - Script called with non-root privileges - The Pi-hole requires elevated privleges to uninstall" - exit 1 - fi + # Check if sudo is actually installed + # If it isn't, exit because the uninstall can not complete + if [ -x "$(command -v sudo)" ]; then + export SUDO="sudo" + else + echo -e " ${CROSS} ${str} + Script called with non-root privileges + The Pi-hole requires elevated privleges to uninstall" + exit 1 + fi fi readonly PI_HOLE_FILES_DIR="/etc/.pihole" @@ -48,172 +48,170 @@ distro_check # Install packages used by the Pi-hole DEPS=("${INSTALLER_DEPS[@]}" "${PIHOLE_DEPS[@]}") if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - # Install the Web dependencies - DEPS+=("${PIHOLE_WEB_DEPS[@]}") + # Install the Web dependencies + DEPS+=("${PIHOLE_WEB_DEPS[@]}") fi # Compatability if [ -x "$(command -v rpm)" ]; then - # Fedora Family - PKG_REMOVE="${PKG_MANAGER} remove -y" - package_check() { - rpm -qa | grep "^$1-" > /dev/null - } - package_cleanup() { - "${SUDO}" "${PKG_MANAGER}" -y autoremove - } + # Fedora Family + PKG_REMOVE="${PKG_MANAGER} remove -y" + package_check() { + rpm -qa | grep "^$1-" > /dev/null + } + package_cleanup() { + "${SUDO}" "${PKG_MANAGER}" -y autoremove + } elif [ -x "$(command -v apt-get)" ]; then - # Debian Family - PKG_REMOVE="${PKG_MANAGER} -y remove --purge" - package_check() { - dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" - } - package_cleanup() { - "${SUDO}" "${PKG_MANAGER}" -y autoremove - "${SUDO}" "${PKG_MANAGER}" -y autoclean - } + # Debian Family + PKG_REMOVE="${PKG_MANAGER} -y remove --purge" + package_check() { + dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" + } + package_cleanup() { + "${SUDO}" "${PKG_MANAGER}" -y autoremove + "${SUDO}" "${PKG_MANAGER}" -y autoclean + } else - echo -e " ${CROSS} OS distribution not supported" - exit 1 + echo -e " ${CROSS} OS distribution not supported" + exit 1 fi removeAndPurge() { - # Purge dependencies - echo "" - for i in "${DEPS[@]}"; do - if package_check "${i}" > /dev/null; then - while true; do - read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn - case ${yn} in - [Yy]* ) - echo -ne " ${INFO} Removing ${i}..."; - ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; - echo -e "${OVER} ${INFO} Removed ${i}"; - break;; - [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; - esac - done - else - echo -e " ${INFO} Package ${i} not installed" - fi - done + # Purge dependencies + echo "" + for i in "${DEPS[@]}"; do + if package_check "${i}" > /dev/null; then + while true; do + read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn + case ${yn} in + [Yy]* ) + echo -ne " ${INFO} Removing ${i}..."; + ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; + echo -e "${OVER} ${INFO} Removed ${i}"; + break;; + [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; + esac + done + else + echo -e " ${INFO} Package ${i} not installed" + fi + done - # Remove dnsmasq config files - ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null - echo -e " ${TICK} Removing dnsmasq config files" + # Remove dnsmasq config files + ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null + echo -e " ${TICK} Removing dnsmasq config files" - # Take care of any additional package cleaning - echo -ne " ${INFO} Removing & cleaning remaining dependencies..." - package_cleanup &> /dev/null - echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" + # Take care of any additional package cleaning + echo -ne " ${INFO} Removing & cleaning remaining dependencies..." + package_cleanup &> /dev/null + echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" - # Call removeNoPurge to remove Pi-hole specific files - removeNoPurge + # Call removeNoPurge to remove Pi-hole specific files + removeNoPurge } removeNoPurge() { - # Only web directories/files that are created by Pi-hole should be removed - echo -ne " ${INFO} Removing Web Interface..." - ${SUDO} rm -rf /var/www/html/admin &> /dev/null - ${SUDO} rm -rf /var/www/html/pihole &> /dev/null - ${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null + # Only web directories/files that are created by Pi-hole should be removed + echo -ne " ${INFO} Removing Web Interface..." + ${SUDO} rm -rf /var/www/html/admin &> /dev/null + ${SUDO} rm -rf /var/www/html/pihole &> /dev/null + ${SUDO} rm -f /var/www/html/index.lighttpd.orig &> /dev/null - # If the web directory is empty after removing these files, then the parent html folder can be removed. - if [ -d "/var/www/html" ]; then - if [[ ! "$(ls -A /var/www/html)" ]]; then - ${SUDO} rm -rf /var/www/html &> /dev/null + # If the web directory is empty after removing these files, then the parent html folder can be removed. + if [ -d "/var/www/html" ]; then + if [[ ! "$(ls -A /var/www/html)" ]]; then + ${SUDO} rm -rf /var/www/html &> /dev/null + fi fi - fi - echo -e "${OVER} ${TICK} Removed Web Interface" - - # Attempt to preserve backwards compatibility with older versions - # to guarantee no additional changes were made to /etc/crontab after - # the installation of pihole, /etc/crontab.pihole should be permanently - # preserved. - if [[ -f /etc/crontab.orig ]]; then - ${SUDO} mv /etc/crontab /etc/crontab.pihole - ${SUDO} mv /etc/crontab.orig /etc/crontab - ${SUDO} service cron restart - echo -e " ${TICK} Restored the default system cron" - fi - - # Attempt to preserve backwards compatibility with older versions - if [[ -f /etc/cron.d/pihole ]];then - ${SUDO} rm -f /etc/cron.d/pihole &> /dev/null - echo -e " ${TICK} Removed /etc/cron.d/pihole" - fi - - package_check lighttpd > /dev/null - if [[ $? -eq 1 ]]; then - ${SUDO} rm -rf /etc/lighttpd/ &> /dev/null - echo -e " ${TICK} Removed lighttpd" - else - if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then - ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf + echo -e "${OVER} ${TICK} Removed Web Interface" + + # Attempt to preserve backwards compatibility with older versions + # to guarantee no additional changes were made to /etc/crontab after + # the installation of pihole, /etc/crontab.pihole should be permanently + # preserved. + if [[ -f /etc/crontab.orig ]]; then + ${SUDO} mv /etc/crontab /etc/crontab.pihole + ${SUDO} mv /etc/crontab.orig /etc/crontab + ${SUDO} service cron restart + echo -e " ${TICK} Restored the default system cron" fi - fi - ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null - ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null - ${SUDO} rm -rf /var/log/*pihole* &> /dev/null - ${SUDO} rm -rf /etc/pihole/ &> /dev/null - ${SUDO} rm -rf /etc/.pihole/ &> /dev/null - ${SUDO} rm -rf /opt/pihole/ &> /dev/null - ${SUDO} rm -f /usr/local/bin/pihole &> /dev/null - ${SUDO} rm -f /etc/bash_completion.d/pihole &> /dev/null - ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null - echo -e " ${TICK} Removed config files" + # Attempt to preserve backwards compatibility with older versions + if [[ -f /etc/cron.d/pihole ]];then + ${SUDO} rm -f /etc/cron.d/pihole &> /dev/null + echo -e " ${TICK} Removed /etc/cron.d/pihole" + fi - # Remove FTL - if command -v pihole-FTL &> /dev/null; then - echo -ne " ${INFO} Removing pihole-FTL..." - - if [[ -x "$(command -v systemctl)" ]]; then - systemctl stop pihole-FTL + package_check lighttpd > /dev/null + if [[ $? -eq 1 ]]; then + ${SUDO} rm -rf /etc/lighttpd/ &> /dev/null + echo -e " ${TICK} Removed lighttpd" else - service pihole-FTL stop + if [ -f /etc/lighttpd/lighttpd.conf.orig ]; then + ${SUDO} mv /etc/lighttpd/lighttpd.conf.orig /etc/lighttpd/lighttpd.conf + fi fi - ${SUDO} rm -f /etc/init.d/pihole-FTL - ${SUDO} rm -f /usr/bin/pihole-FTL - echo -e "${OVER} ${TICK} Removed pihole-FTL" - fi + ${SUDO} rm -f /etc/dnsmasq.d/adList.conf &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.d/01-pihole.conf &> /dev/null + ${SUDO} rm -rf /var/log/*pihole* &> /dev/null + ${SUDO} rm -rf /etc/pihole/ &> /dev/null + ${SUDO} rm -rf /etc/.pihole/ &> /dev/null + ${SUDO} rm -rf /opt/pihole/ &> /dev/null + ${SUDO} rm -f /usr/local/bin/pihole &> /dev/null + ${SUDO} rm -f /etc/bash_completion.d/pihole &> /dev/null + ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null + echo -e " ${TICK} Removed config files" - # If the pihole user exists, then remove - if id "pihole" &> /dev/null; then - ${SUDO} userdel -r pihole 2> /dev/null - if [[ "$?" -eq 0 ]]; then - echo -e " ${TICK} Removed 'pihole' user" - else - echo -e " ${CROSS} Unable to remove 'pihole' user" + # Remove FTL + if command -v pihole-FTL &> /dev/null; then + echo -ne " ${INFO} Removing pihole-FTL..." + if [[ -x "$(command -v systemctl)" ]]; then + systemctl stop pihole-FTL + else + service pihole-FTL stop + fi + ${SUDO} rm -f /etc/init.d/pihole-FTL + ${SUDO} rm -f /usr/bin/pihole-FTL + echo -e "${OVER} ${TICK} Removed pihole-FTL" fi - fi - echo -e "\n We're sorry to see you go, but thanks for checking out Pi-hole! - If you need help, reach out to us on Github, Discourse, Reddit or Twitter - Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC} + # If the pihole user exists, then remove + if id "pihole" &> /dev/null; then + ${SUDO} userdel -r pihole 2> /dev/null + if [[ "$?" -eq 0 ]]; then + echo -e " ${TICK} Removed 'pihole' user" + else + echo -e " ${CROSS} Unable to remove 'pihole' user" + fi + fi - ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity - ${COL_LIGHT_GREEN}Uninstallation Complete! ${COL_NC}" + echo -e "\n We're sorry to see you go, but thanks for checking out Pi-hole! + If you need help, reach out to us on Github, Discourse, Reddit or Twitter + Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC} + + ${COL_LIGHT_RED}Please reset the DNS on your router/clients to restore internet connectivity + ${COL_LIGHT_GREEN}Uninstallation Complete! ${COL_NC}" } ######### SCRIPT ########### if command -v vcgencmd &> /dev/null; then - echo -e " ${INFO} All dependencies are safe to remove on Raspbian" + echo -e " ${INFO} All dependencies are safe to remove on Raspbian" else - echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed" + echo -e " ${INFO} Be sure to confirm if any dependencies should not be removed" fi while true; do - echo -e " ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:" - echo -n " " - for i in "${DEPS[@]}"; do - echo -n "${i} " - done - echo "${COL_NC}" - read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn - case ${yn} in - [Yy]* ) removeAndPurge; break;; - [Nn]* ) removeNoPurge; break;; - * ) removeAndPurge; break;; - esac + echo -e " ${INFO} ${COL_YELLOW}The following dependencies may have been added by the Pi-hole install:" + echo -n " " + for i in "${DEPS[@]}"; do + echo -n "${i} " + done + echo "${COL_NC}" + read -rp " ${QST} Do you wish to go through each dependency for removal? (Choosing No will leave all dependencies installed) [Y/n] " yn + case ${yn} in + [Yy]* ) removeAndPurge; break;; + [Nn]* ) removeNoPurge; break;; + * ) removeAndPurge; break;; + esac done From 552138e85188f5f3f013f322040db3be634d3420 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 31 May 2018 13:24:09 +1000 Subject: [PATCH 125/277] Appease stickler-bot. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 00c28a3a..b5a7964b 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -87,7 +87,7 @@ removeAndPurge() { case ${yn} in [Yy]* ) echo -ne " ${INFO} Removing ${i}..."; - ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; + ${SUDO} "${PKG_REMOVE} ${i}" &> /dev/null; echo -e "${OVER} ${INFO} Removed ${i}"; break;; [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; @@ -179,15 +179,14 @@ removeNoPurge() { # If the pihole user exists, then remove if id "pihole" &> /dev/null; then - ${SUDO} userdel -r pihole 2> /dev/null - if [[ "$?" -eq 0 ]]; then + if ${SUDO} userdel -r pihole 2> /dev/null; then echo -e " ${TICK} Removed 'pihole' user" else echo -e " ${CROSS} Unable to remove 'pihole' user" fi fi - echo -e "\n We're sorry to see you go, but thanks for checking out Pi-hole! + echo -e "\\n We're sorry to see you go, but thanks for checking out Pi-hole! If you need help, reach out to us on Github, Discourse, Reddit or Twitter Reinstall at any time: ${COL_WHITE}curl -sSL https://install.pi-hole.net | bash${COL_NC} From f2bedddce46d87ab2202926cf45d5cd3aaed93f6 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 31 May 2018 13:37:52 +1000 Subject: [PATCH 126/277] Changes from #2167 converted to spaces Signed-Off-By: Rob Gill --- automated install/uninstall.sh | 33 +++++++++++---------------------- 1 file changed, 11 insertions(+), 22 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b5a7964b..51e85946 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -53,24 +53,17 @@ if [[ "${INSTALL_WEB_SERVER}" == true ]]; then fi # Compatability -if [ -x "$(command -v rpm)" ]; then - # Fedora Family - PKG_REMOVE="${PKG_MANAGER} remove -y" - package_check() { - rpm -qa | grep "^$1-" > /dev/null - } - package_cleanup() { - "${SUDO}" "${PKG_MANAGER}" -y autoremove - } -elif [ -x "$(command -v apt-get)" ]; then +if [ -x "$(command -v apt-get)" ]; then # Debian Family PKG_REMOVE="${PKG_MANAGER} -y remove --purge" package_check() { dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -c "ok installed" } - package_cleanup() { - "${SUDO}" "${PKG_MANAGER}" -y autoremove - "${SUDO}" "${PKG_MANAGER}" -y autoclean +elif [ -x "$(command -v rpm)" ]; then + # Fedora Family + PKG_REMOVE="${PKG_MANAGER} remove -y" + package_check() { + rpm -qa | grep "^$1-" > /dev/null } else echo -e " ${CROSS} OS distribution not supported" @@ -81,13 +74,14 @@ removeAndPurge() { # Purge dependencies echo "" for i in "${DEPS[@]}"; do - if package_check "${i}" > /dev/null; then + package_check ${i} > /dev/null + if [[ "$?" -eq 0 ]]; then while true; do read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn case ${yn} in [Yy]* ) echo -ne " ${INFO} Removing ${i}..."; - ${SUDO} "${PKG_REMOVE} ${i}" &> /dev/null; + ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; echo -e "${OVER} ${INFO} Removed ${i}"; break;; [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; @@ -95,18 +89,13 @@ removeAndPurge() { done else echo -e " ${INFO} Package ${i} not installed" - fi + fi done # Remove dnsmasq config files - ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/01-pihole.conf &> /dev/null + ${SUDO} rm -f /etc/dnsmasq.conf /etc/dnsmasq.conf.orig /etc/dnsmasq.d/*-pihole*.conf &> /dev/null echo -e " ${TICK} Removing dnsmasq config files" - # Take care of any additional package cleaning - echo -ne " ${INFO} Removing & cleaning remaining dependencies..." - package_cleanup &> /dev/null - echo -e "${OVER} ${TICK} Removed & cleaned up remaining dependencies" - # Call removeNoPurge to remove Pi-hole specific files removeNoPurge } From f0dfa4d53d375f4e4741f2cbb28730e3609a89fa Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 31 May 2018 13:43:49 +1000 Subject: [PATCH 127/277] Stickler-bot... Signed-Off-By: Rob Gill --- automated install/uninstall.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 51e85946..b8797dbb 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -74,14 +74,13 @@ removeAndPurge() { # Purge dependencies echo "" for i in "${DEPS[@]}"; do - package_check ${i} > /dev/null - if [[ "$?" -eq 0 ]]; then + if package_check "${i}" > /dev/null; then while true; do read -rp " ${QST} Do you wish to remove ${COL_WHITE}${i}${COL_NC} from your system? [Y/N] " yn case ${yn} in [Yy]* ) echo -ne " ${INFO} Removing ${i}..."; - ${SUDO} ${PKG_REMOVE} "${i}" &> /dev/null; + ${SUDO} "${PKG_REMOVE} ${i}" &> /dev/null; echo -e "${OVER} ${INFO} Removed ${i}"; break;; [Nn]* ) echo -e " ${INFO} Skipped ${i}"; break;; From b60a9fa371147d96bb10382aa58c4e47207017fa Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 1 Jun 2018 07:14:54 +1000 Subject: [PATCH 128/277] merge (#2) * remove package_check to avoid situations like #1760 Signed-off-by: Adam Warner * Prevent redundant entries in to adlists.list Grep ${args[3]} and only add if grep -c -eq 0 Signed-off-by: Ryan Knapper * lan to local Reduced differences. Signed-off-by: Ryan Knapper * Require exact match Updated to require an exact match to reduce false-positives, as suggested by DL6ER. Signed-off-by: Ryan Knapper * fix empty ports on some systems Signed-off-by: Jacob Salmela * debug user locale; improve function to parse variables and files Signed-off-by: Jacob Salmela * Split declaration and population for stickler. Signed-off-by: Dan Schaper * implement dschapers suggestions--better command, less subshells, and finer formatting Signed-off-by: Jacob Salmela * flip uninstall compatability check Signed-off-by: bcambl * Update index.php Avoiding calling empty() on a function allows this to work under PHP5. Making the check for blocklist generation in this way instead is compatible with both PHP5 and PHP7. Signed-off-by: Rob Gill * Update index.php thanks stickler-ci ....... Signed-off-by: Rob Gill * changes as requested changes as requested Signed-off-by: Rob Gill * oh stickler bot... accidentally a space Signed-off-by: Rob Gill * linting: Double quote to prevent globbing and word splitting Signed-off-by: bcambl * unbind resolved on ubuntu 18.04 Stop systemd-resolved from interfering with dnsmasq/ftl Signed-off-by: Rob Gill * restore resolvd.conf If dnsmasq is removed, resolved will need to be restored. Signed-off-by: Rob Gill * Update uninstall.sh Signed-off-by: Rob Gill > * Minor correction for double instance of the word "found". Signed-off-by: RamSet * message text Signed-off-by: Rob Gill > * relocate as function The check for systemd-resolved DNSStubListener, and disabling as necessary is a new function, called just prior to start_service pihole-FTL. The check for ubuntu bionic 18.04 specifically is removed. The check if resolved is enabled is made with check_service_active() An additional check that the dnsstublistener is enabled is made. Signed-off-by: Rob Gill * Regex & case fix grep & sed regexes match commented or uncommented Signed-off-by: Rob Gill * Update basic-install.sh Force reloading of relsolved config where available Signed-off-by: Rob Gill * reload resloved reload resolved config if possible, restart otherwise Signed-off-by: Rob Gill * user-facing messages Signed-off-by: Rob Gill * move & clarify comments --- advanced/Scripts/piholeDebug.sh | 32 ++++++++++++++++++++++------ advanced/Scripts/webpage.sh | 19 +++-------------- advanced/index.php | 4 +++- automated install/basic-install.sh | 34 ++++++++++++++++++++++++++++-- automated install/uninstall.sh | 1 + pihole | 2 +- 6 files changed, 65 insertions(+), 27 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 94ff3fb3..a7fa4c2a 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -493,6 +493,13 @@ parse_setup_vars() { fi } +parse_locale() { + local pihole_locale + echo_current_diagnostic "Locale" + pihole_locale="$(locale)" + parse_file "${pihole_locale}" +} + does_ip_match_setup_vars() { # Check for IPv4 or 6 local protocol="${1}" @@ -652,15 +659,22 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( lsof -i -P -n | awk -F' ' '/LISTEN/ {print $9, $1}' | sort -n | uniq | cut -d':' -f2 ) + done < <( lsof -iTCP -sTCP:LISTEN -P -n +c 10 ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do # loop through them and assign some local variables - local port_number - port_number="$(echo "${ports_in_use[$i]}" | awk '{print $1}')" local service_name - service_name=$(echo "${ports_in_use[$i]}" | awk '{print $2}') + service_name=$(echo "${ports_in_use[$i]}" | awk '{print $1}') + local protocol_type + protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $5}') + local port_number + port_number="$(echo "${ports_in_use[$i]}" | awk '{print $9}')" + + # Skip the line if it's the titles of the columns the lsof command produces + if [[ "${service_name}" == COMMAND ]]; then + continue + fi # Use a case statement to determine if the right services are using the right ports case "${port_number}" in 53) compare_port_to_service_assigned "${resolver}" @@ -670,7 +684,7 @@ check_required_ports() { 4711) compare_port_to_service_assigned "${ftl}" ;; # If it's not a default port that Pi-hole needs, just print it out for the user to see - *) log_write "[${port_number}] is in use by ${service_name}"; + *) log_write "${port_number} ${service_name} (${protocol_type})"; esac done } @@ -879,8 +893,11 @@ parse_file() { # Put the current Internal Field Separator into another variable so it can be restored later OLD_IFS="$IFS" # Get the lines that are in the file(s) and store them in an array for parsing later - IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )' - + if [[ -f "$filename" ]]; then + IFS=$'\r\n' command eval 'file_info=( $(cat "${filename}") )' + else + read -a file_info <<< $filename + fi # Set a named variable for better readability local file_lines # For each line in the file, @@ -1193,6 +1210,7 @@ parse_setup_vars check_x_headers analyze_gravity_list show_content_of_pihole_files +parse_locale analyze_pihole_log copy_to_debug_log upload_to_tricorder diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh index 8a85839f..48161604 100755 --- a/advanced/Scripts/webpage.sh +++ b/advanced/Scripts/webpage.sh @@ -204,10 +204,6 @@ trust-anchor=.,20326,8,2,E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC68345710423 add_dnsmasq_setting "interface" "${PIHOLE_INTERFACE}" fi - if [[ "${CONDITIONAL_FORWARDING}" == true ]]; then - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_DOMAIN}/${CONDITIONAL_FORWARDING_IP}" - add_dnsmasq_setting "server=/${CONDITIONAL_FORWARDING_REVERSE}/${CONDITIONAL_FORWARDING_IP}" - fi } @@ -237,17 +233,6 @@ SetDNSServers() { else change_setting "DNSSEC" "false" fi - if [[ "${args[6]}" == "conditional_forwarding" ]]; then - change_setting "CONDITIONAL_FORWARDING" "true" - change_setting "CONDITIONAL_FORWARDING_IP" "${args[7]}" - change_setting "CONDITIONAL_FORWARDING_DOMAIN" "${args[8]}" - change_setting "CONDITIONAL_FORWARDING_REVERSE" "${args[9]}" - else - change_setting "CONDITIONAL_FORWARDING" "false" - delete_setting "CONDITIONAL_FORWARDING_IP" - delete_setting "CONDITIONAL_FORWARDING_DOMAIN" - delete_setting "CONDITIONAL_FORWARDING_REVERSE" - fi ProcessDNSSettings @@ -383,7 +368,9 @@ CustomizeAdLists() { elif [[ "${args[2]}" == "disable" ]]; then sed -i "\\@${args[3]}@s/^http/#http/g" "${list}" elif [[ "${args[2]}" == "add" ]]; then - echo "${args[3]}" >> ${list} + if [[ $(grep -c "^${args[3]}$" "${list}") -eq 0 ]] ; then + echo "${args[3]}" >> ${list} + fi elif [[ "${args[2]}" == "del" ]]; then var=$(echo "${args[3]}" | sed 's/\//\\\//g') sed -i "/${var}/Id" "${list}" diff --git a/advanced/index.php b/advanced/index.php index d097fe0f..1575bafc 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -102,8 +102,10 @@ if ($serverName === "pi.hole") { $bpAskAdmin = !empty($svEmail) ? '' : ""; // Determine if at least one block list has been generated -if (empty(glob("/etc/pihole/list.0.*.domains"))) +$blocklistglob = glob("/etc/pihole/list.0.*.domains"); +if ($blocklistglob === array()) { die("[ERROR] There are no domain lists generated lists within /etc/pihole/! Please update gravity by running pihole -g, or repair Pi-hole using pihole -r."); +} // Set location of adlists file if (is_file("/etc/pihole/adlists.list")) { diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3100ce58..3a8fe928 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1265,6 +1265,30 @@ check_service_active() { fi } +# Systemd-resolved's DNSStubListener and dnsmasq can't share port 53. +disable_resolved_stublistener() { + echo -en " ${INFO} Testing if systemd-resolved is enabled" + # Check if Systemd-resolved's DNSStubListener is enabled and active on port 53 + if check_service_active "systemd-resolved"; then + # Check if DNSStubListener is enabled + echo -en " ${OVER} ${INFO} Testing if systemd-resolved DNSStub-Listener is active" + if ( grep -E '#?DNSStubListener=yes' /etc/systemd/resolved.conf &> /dev/null ); then + # Disable the DNSStubListener to unbind it from port 53 + # Note that this breaks dns functionality on host until dnsmasq/ftl are up and running + echo -en "${OVER} ${TICK} Disabling systemd-resolved DNSStubListener" + # Make a backup of the original /etc/systemd/resolved.conf + # (This will need to be restored on uninstallation) + sed -r -i.orig 's/#?DNSStubListener=yes/DNSStubListener=no/g' /etc/systemd/resolved.conf + echo -e " and restarting systemd-resolved" + systemctl reload-or-restart systemd-resolved + else + echo -e "${OVER} ${INFO} Systemd-resolved does not need to be restarted" + fi + else + echo -e "${OVER} ${INFO} Systemd-resolved is not enabled" + fi +} + update_package_cache() { # Running apt-get update/upgrade with minimal output can cause some issues with # requiring user input (e.g password for phpmyadmin see #218) @@ -2290,8 +2314,11 @@ main() { fi fi - echo -e " ${INFO} Restarting services..." - # Start services + # Check for and disable systemd-resolved-DNSStubListener before reloading resolved + # DNSStubListener needs to remain in place for installer to download needed files, + # so this change needs to be made after installation is complete, + # but before starting or resarting the dnsmasq or ftl services + disable_resolved_stublistener # If the Web server was installed, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then @@ -2304,6 +2331,9 @@ main() { fi fi + echo -e " ${INFO} Restarting services..." + # Start services + # Enable FTL start_service pihole-FTL enable_service pihole-FTL diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b8797dbb..44753a59 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -65,6 +65,7 @@ elif [ -x "$(command -v rpm)" ]; then package_check() { rpm -qa | grep "^$1-" > /dev/null } + else echo -e " ${CROSS} OS distribution not supported" exit 1 diff --git a/pihole b/pihole index cb75861b..b3f532af 100755 --- a/pihole +++ b/pihole @@ -232,7 +232,7 @@ Options: # Handle notices if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then - echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} found within block lists" + echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" exit 0 elif [[ -z "${results[*]}" ]]; then # Result found in WL/BL/Wildcards From f35ea9a3ca65c5cea9c0d9e64a629fc644d23cbe Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 1 Jun 2018 11:57:59 +1000 Subject: [PATCH 129/277] replace code i missed during merge Signed-off-by: Rob Gill --- automated install/uninstall.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index b8797dbb..301be4e3 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -88,7 +88,7 @@ removeAndPurge() { done else echo -e " ${INFO} Package ${i} not installed" - fi + fi done # Remove dnsmasq config files @@ -154,6 +154,10 @@ removeNoPurge() { # Remove FTL if command -v pihole-FTL &> /dev/null; then + if [[ -e /etc/systemd/resolved.conf.orig ]]; then + ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + systemctl reload-or-restart systemd-resolved + fi echo -ne " ${INFO} Removing pihole-FTL..." if [[ -x "$(command -v systemctl)" ]]; then systemctl stop pihole-FTL From cadd0e42447869c73aae3efad0358f510d60046d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 1 Jun 2018 14:03:13 +1000 Subject: [PATCH 130/277] move code back to correct location Signed-off-by: Rob Gill --- automated install/uninstall.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 301be4e3..0a51fd4a 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -152,12 +152,14 @@ removeNoPurge() { ${SUDO} rm -f /etc/sudoers.d/pihole &> /dev/null echo -e " ${TICK} Removed config files" + # Restore Resolved + if [[ -e /etc/systemd/resolved.conf.orig ]]; then + ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf + systemctl reload-or-restart systemd-resolved + fi + # Remove FTL if command -v pihole-FTL &> /dev/null; then - if [[ -e /etc/systemd/resolved.conf.orig ]]; then - ${SUDO} cp /etc/systemd/resolved.conf.orig /etc/systemd/resolved.conf - systemctl reload-or-restart systemd-resolved - fi echo -ne " ${INFO} Removing pihole-FTL..." if [[ -x "$(command -v systemctl)" ]]; then systemctl stop pihole-FTL From 3be19046538442f977b77f5519b4988d6cf1d422 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Fri, 1 Jun 2018 10:20:40 +0200 Subject: [PATCH 131/277] basic-install.sh: fix "install: invalid user ''" refs #1767 --- automated install/basic-install.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3152d9c1..97e8194b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -57,6 +57,10 @@ IPV6_ADDRESS="" QUERY_LOGGING=true INSTALL_WEB=true +if [ -z "${USER}" ]; then + USER="$(id -un)" +fi + # Find the rows and columns will default to 80x24 if it can not be detected screen_size=$(stty size 2>/dev/null || echo 24 80) From ef17f4913b5444965138179443bbfab2bac30fa2 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 09:39:51 +1000 Subject: [PATCH 132/277] Create pihole.8 Linux man page for pihole Signed-off-by: Rob Gill --- pihole.8 | 326 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 326 insertions(+) create mode 100644 pihole.8 diff --git a/pihole.8 b/pihole.8 new file mode 100644 index 00000000..d62dbf8a --- /dev/null +++ b/pihole.8 @@ -0,0 +1,326 @@ +.TH "Pi-hole" "8" "Pi-hole" "Pi-hole" "May 2018" +.SH "NAME" + +Pi-hole : A black-hole for internet advertisements +.br +.SH "SYNOPSIS" + +\fBpihole\fR (\fB-w\fR|\fB-b\fR|\fB-wild\fR) [options] domain(s) +.br +\fBpihole -a\fR \fB-p\fR password +.br +\fBpihole -a\fR (-c|-f|-k) +.br +\fBpihole -a\fR [\fB-r\fR hostrecord] +.br +\fBpihole -a -e\fR email +.br +\fBpihole -a -i\fR interface +.br +\fBpihole -a -l\fR privacylevel +.br +\fBpihole -c\fR [-j|-r|-e] +.br +\fBpihole\fR \fB-d\fR [-a] +.br +\fBpihole -f +.br +pihole -r +.br +pihole -t +.br +pihole -g\fR +.br +\fBpihole\fR -\fBq\fR [options] +.br +\fBpihole\fR \fB-l\fR (on|off|off noflush) +.br +\fBpihole -up \fR[--checkonly] +.br +\fBpihole uninstall +.br +pihole status +.br +pihole restartdns\fR +.br +\fBpihole\fR (\fBenable\fR|\fBdisable\fR [time]) +.br +\fBpihole\fR \fBcheckout\fR repo [branch] +.br +\fBpihole\fR \fBhelp\fR +.br +.SH "DESCRIPTION" + +Available commands and options: +.br + +\fB-w, whitelist\fR [options] [ ] +.br + Adds or removes specified domain or domains tho the Whitelist +.br + +\fB-b, blacklist\fR [options] [ ] +.br + Adds or removes specified domain or domains to the blacklist +.br + +\fB-wild, wildcard\fR [options] [ ] +.br + Add or removes specified domain, and all subdomains to the blacklist +.br + +.br + (Whitelist/Blacklist manipulation options): +.br + -d, --delmode Remove domain(s) from the list +.br + -nr, --noreload Update list without refreshing dnsmasq +.br + -q, --quiet Make output less verbose +.br + -l, --list Display all your listed domains +.br + --nuke Removes all entries in a list +.br + +\fB-d, debug\fR [\fB-a\fR] +.br + Start a debugging session Add '-a' to enable automated debugging +.br + +\fB-f, flush\fR +.br + Flush the Pi-hole log +.br + +.br +\fB-r, reconfigure\fR +.br + Reconfigure or Repair Pi-hole subsystems +.br + +\fB-t, tail\fR +.br + View the live output of the Pi-hole log +.br + +\fB-a, admin\fR [options] Console +.br + +.br + (Admin console options): +.br + -p, password Set Admin Console password +.br + -c, celsius Set Celsius as preferred temperature unit +.br + -f, fahrenheit Set Fahrenheit as preferred temperature unit +.br + -k, kelvin Set Kelvin as preferred temperature unit +.br + -r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address +.br + -e, email Set an administrative contact address for the Block Page +.br + -i, interface Specify dnsmasq's interface listening behavior +.br + -l, privacylevel Set privacy level (0 = lowest, 3 = highest) +.br + +.br +\fB-c, chronometer\fR [options] +.br + Calculates stats and displays to an LCD +.br + + (Chronometer Options): +.br + -j, --json Output stats as JSON formatted string +.br + -r, --refresh Set update frequency (in seconds) +.br + -e, --exit Output stats and exit witout refreshing +.br + +\fB-g, updateGravity\fR +.br + Update the list of ad-serving domains +.br + +\fB-q, query\fR [option] +.br + Query the adlists for a specified domain +.br + + (Query options): +.br + -adlist Print the name of the block list URL +.br + -exact Search the block lists for exact domain matches +.br + -all Return all query matches within a block list +.br + +\fB-h, --help, help\fR +.br + Show a help dialog +.br + +\fB-l, logging\fR [on|off|off noflush] +.br + Specify whether the Pi-hole log should be used +.br + + (Logging options): +.br + on Enable the Pi-hole log at /var/log/pihole.log +.br + off Disable and flush the Pi-hole log at /var/log/pihole.log +.br + off noflush Disable the Pi-hole log at /var/log/pihole.log +.br + +.br +\fB-up, updat\fBe\fR\fR\fBPihole\fR [--check-only] +.br + Update Pi-hole subsystems +.br + Add '--check-only' to exit script before update is performed. +.br + +\fB-v, version\fR [repo] [options] +.br + Show installed versions of Pi-hole, Admin Console & FTL +.br + +.br + (repo options): +.br + -p, --pihole Only retrieve info regarding Pi-hole repository +.br + -a, --admin Only retrieve info regarding AdminLTE repository +.br + -f, --ftl Only retrieve info regarding FTL repository +.br + (version options): +.br + -c, --current Return the current version +.br + -l, --latest Return the latest version +.br + --hash Return the Github hash from your local repositories +.br + +\fBuninstall\fR +.br + Uninstall Pi-hole from your system +.br + +\fBstatus\fR +.br + Display the running status of Pi-hole subsystems +.br + +\fBenable\fR +.br + Enable Pi-hole subsystems +.br + +\fBdisable\fR [time] +.br + Disable Pi-hole subsystems, optionally for a set duration +.br + +.br + (time options): +.br + #s Disable Pi-hole functionality for # second(s) +.br + #m Disable Pi-hole functionality for # minute(s) +.br + +\fBrestartdns\fR +.br + Restart Pi-hole subsystems +.br + +\fBcheckout\fR [repo][branch] +.br + Switch Pi-hole subsystems to a different Github branch +.br + + (repo options): +.br + core Change the branch of Pi-hole's core subsystem +.br + web Change the branch of Admin Console subsystem +.br + ftl Change the branch of Pi-hole's FTL subsystem +.br + (branch options): +.br + master Update subsystems to the latest stable release +.br + dev Update subsystems to the latest development release +.br + +.SH "EXAMPLE" +Some usage examples +.br + + Whitelist/blacklist manipulation +.br + + \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist +.br + \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist +.br + \fBpihole -wild ads.example\fR Add "ads.example" as wildcard - would block ads.example.net +.br + + Changing the web ui password +.br + +.br + \fBpihole -a -p ExamplePassword\fR Change the password to "ExamplePassword" +.br + + Updating lists from internet sources +.br + +.br + \fBpihole -g\fR Update the list of ad-serving domains +.br + + Displaying version information +.br + +.br + \fBpihole -v -c\fR Display the current version of AdminLTE +.br + +.br + Temporarily disabling Pi-hole +.br + +.br + \fBpihole disable 5m\fR Disable Pi-hole functionality for five minutes +.br + +.br + Switching Pi-hole subsystem branches +.br + +.br + \fBpihole checkout master\fR Switch to master branch +.br + \fBpihole checkout core dev\fR Switch to core development branch +.br +.SH "SEE ALSO" + +dmasq(8), lighttpd(8) +.br +.SH "COLOPHON" + +Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net. +.br From a8103ca22d1c3de39376809e97f07bff6ba23584 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 09:45:04 +1000 Subject: [PATCH 133/277] Manual page install function Function to install man page. Verifies that man pages are installed, and correct directory for the pihole manpage is present. Copies file, and runs man-db to update man page database. Signed-off-by: Rob Gill --- automated install/basic-install.sh | 34 ++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 43d4b7c2..9b5fde8e 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1193,6 +1193,37 @@ installConfigs() { fi } +install_manpage() { + # Copy Pi-hole man page and call mandb to update man page database + # Default location for man files for /usr/local/bin is /usr/local/share/man + # on lightweight systems may not be present, so check before copying. + echo -en " ${INFO} Testing man page installation" + if ! command -v mandb; then + # if mandb is not present, no manpage support + echo -e "${OVER} ${INFO} man not installed" + return + elif [[ ! -d "/usr/local/share/man" ]]; then + # appropriate directory for Pi-hole's man page is not present + echo -e "${OVER} ${INFO} man page not installed" + return + elif [[ ! -d "/usr/local/share/man/man8"]]; then + # if not present, create man8 directory + mkdir /usr/local/share/man/man8 + fi + # Testing complete, copy the file & update the man db + cp ${PI_HOLE_LOCAL_REPO}/pihole.8 /usr/local/share/man/man8/pihole.8 + if mandb -q &>/dev/null; then + # Updated successfully + echo -e "${OVER} ${TICK} man page installed and database updated" + return + else + # Something is wrong with the system's man installation, clean up + # our file, (leave everything how we found it). + rm /usr/local/share/man/man8/pihole.8 + echo -e "${OVER} ${INFO} man page db not updated, man page not installed" + fi +} + stop_service() { # Stop service passed in as argument. # Can softfail, as process may not be installed when this is called @@ -1695,6 +1726,9 @@ installPihole() { configureFirewall fi + # install a man page entry for pihole + install_manpage + # Update setupvars.conf with any variables that may or may not have been changed during the install finalExports } From 999e47a26c28c627836c4b8dd4ea56f8f29f8f80 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 09:50:52 +1000 Subject: [PATCH 134/277] Remove manual page Tests for presence of pihole man page. If it is present, deletes it and runs man-db to rebuild manual database. Signed-off-by: Rob Gill --- automated install/uninstall.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 0a51fd4a..4525f42f 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -171,6 +171,13 @@ removeNoPurge() { echo -e "${OVER} ${TICK} Removed pihole-FTL" fi + # If the pihole manpage exists, then delete and rebuild man-db + if [[ -f /usr/local/share/man/man8/pihole.8 ]]; then + ${SUDO} rm -f /usr/local/share/man/man8/pihole.8 + ${SUDO} mandb -q &>/dev/null + echo -e " ${TICK} Removed pihole man page" + fi + # If the pihole user exists, then remove if id "pihole" &> /dev/null; then if ${SUDO} userdel -r pihole 2> /dev/null; then From a8f0283e93ba8d7dd3ea4cfb6d4361c9523d0d4d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 10:11:11 +1000 Subject: [PATCH 135/277] Update basic-install.sh This hands checking of lighttpd's status over to the existing check_service_active() function. All other checks of service status within the install script are handled by this function. Use of existing function: Avoids duplication of service detection logic. Uses return code to determine status, thereby avoids parsing text to determine status, and reliance on English language locale to determine activity, (which may also be broken on some systems (# 2204) Signed-off-by: Rob Gill --- automated install/basic-install.sh | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 43d4b7c2..fcc66fe1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2290,15 +2290,13 @@ main() { if [[ "${INSTALL_WEB_SERVER}" == true ]]; then enable_service lighttpd fi - - if [[ -x "$(command -v systemctl)" ]]; then - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(systemctl is-enabled lighttpd | grep -c 'enabled' || true) - else - # Value will either be 1, if true, or 0 - LIGHTTPD_ENABLED=$(service lighttpd status | awk '/Loaded:/ {print $0}' | grep -c 'enabled' || true) + # Determin if lighttpd is correctly enabled + if check_service_active "lighttpd"; then + LIGHTTPD_ENABLED=true; + else + LIGHTTPD_ENABLED=false; fi - + # Install and log everything to a file installPihole | tee -a /proc/$$/fd/3 @@ -2327,7 +2325,7 @@ main() { # If the Web server was installed, if [[ "${INSTALL_WEB_SERVER}" == true ]]; then - if [[ "${LIGHTTPD_ENABLED}" == "1" ]]; then + if [[ "${LIGHTTPD_ENABLED}" == true ]]; then start_service lighttpd enable_service lighttpd else From aa191e92021302dca9bc3e0bcba6612f2880c6ec Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 10:46:07 +1000 Subject: [PATCH 136/277] Update basic-install.sh Signed-off-by: Rob Gill --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index fcc66fe1..5e10c9e9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2290,11 +2290,11 @@ main() { if [[ "${INSTALL_WEB_SERVER}" == true ]]; then enable_service lighttpd fi - # Determin if lighttpd is correctly enabled + # Determine if lighttpd is correctly enabled if check_service_active "lighttpd"; then - LIGHTTPD_ENABLED=true; + LIGHTTPD_ENABLED=true else - LIGHTTPD_ENABLED=false; + LIGHTTPD_ENABLED=false fi # Install and log everything to a file From ce5429aba7e7dcfd3260684bbce85f0fe2dc92f2 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 11:02:06 +1000 Subject: [PATCH 137/277] stickler Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9b5fde8e..83764a0f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1206,7 +1206,7 @@ install_manpage() { # appropriate directory for Pi-hole's man page is not present echo -e "${OVER} ${INFO} man page not installed" return - elif [[ ! -d "/usr/local/share/man/man8"]]; then + elif [[ ! -d "/usr/local/share/man/man8" ]]; then # if not present, create man8 directory mkdir /usr/local/share/man/man8 fi From c0837c726fb5ee32354d3ec2d9ac5b9b776f57f4 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 11:18:13 +1000 Subject: [PATCH 138/277] blank space Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5e10c9e9..91589914 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2296,7 +2296,7 @@ main() { else LIGHTTPD_ENABLED=false fi - + # Install and log everything to a file installPihole | tee -a /proc/$$/fd/3 From ef65bac79b5b6627b51892d2634149d42ce9a97c Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 11:27:35 +1000 Subject: [PATCH 139/277] change status from INFO to CROSS Signed-Off-By: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 83764a0f..4064ec04 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1220,7 +1220,7 @@ install_manpage() { # Something is wrong with the system's man installation, clean up # our file, (leave everything how we found it). rm /usr/local/share/man/man8/pihole.8 - echo -e "${OVER} ${INFO} man page db not updated, man page not installed" + echo -e "${OVER} ${CROSS} man page db not updated, man page not installed" fi } From d01a568b8bb867beb3304d1af644deaa15e1f269 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 14:13:30 +1000 Subject: [PATCH 140/277] Requested changes (also tabs -> spaces) Signed-off-by: Rob Gill --- pihole.8 | 198 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 102 insertions(+), 96 deletions(-) diff --git a/pihole.8 b/pihole.8 index d62dbf8a..75e3e565 100644 --- a/pihole.8 +++ b/pihole.8 @@ -9,7 +9,7 @@ Pi-hole : A black-hole for internet advertisements .br \fBpihole -a\fR \fB-p\fR password .br -\fBpihole -a\fR (-c|-f|-k) +\fBpihole -a\fR (\fB-c|-f|-k\fR) .br \fBpihole -a\fR [\fB-r\fR hostrecord] .br @@ -33,10 +33,12 @@ pihole -g\fR .br \fBpihole\fR -\fBq\fR [options] .br -\fBpihole\fR \fB-l\fR (on|off|off noflush) +\fBpihole\fR \fB-l\fR (\fBon|off|off noflush\fR) .br \fBpihole -up \fR[--checkonly] .br +\fBpihole -v\fR [-p|-a|-f] [-c|-l|-hash] +.br \fBpihole uninstall .br pihole status @@ -56,269 +58,273 @@ Available commands and options: \fB-w, whitelist\fR [options] [ ] .br - Adds or removes specified domain or domains tho the Whitelist + Adds or removes specified domain or domains tho the Whitelist .br \fB-b, blacklist\fR [options] [ ] .br - Adds or removes specified domain or domains to the blacklist + Adds or removes specified domain or domains to the blacklist .br \fB-wild, wildcard\fR [options] [ ] .br - Add or removes specified domain, and all subdomains to the blacklist -.br - -.br - (Whitelist/Blacklist manipulation options): -.br - -d, --delmode Remove domain(s) from the list -.br - -nr, --noreload Update list without refreshing dnsmasq -.br - -q, --quiet Make output less verbose -.br - -l, --list Display all your listed domains -.br - --nuke Removes all entries in a list + Add or removes specified domain, and all subdomains to the blacklist .br -\fB-d, debug\fR [\fB-a\fR] + (Whitelist/Blacklist manipulation options): .br - Start a debugging session Add '-a' to enable automated debugging + -d, --delmode Remove domain(s) from the list +.br + -nr, --noreload Update list without refreshing dnsmasq +.br + -q, --quiet Make output less verbose +.br + -l, --list Display all your listed domains +.br + --nuke Removes all entries in a list +.br + +\fB-d, debug\fR [-a] +.br + Start a debugging session +.br + + -a Enable automated debugging .br \fB-f, flush\fR .br - Flush the Pi-hole log + Flush the Pi-hole log .br .br \fB-r, reconfigure\fR .br - Reconfigure or Repair Pi-hole subsystems + Reconfigure or Repair Pi-hole subsystems .br \fB-t, tail\fR .br - View the live output of the Pi-hole log + View the live output of the Pi-hole log .br -\fB-a, admin\fR [options] Console +\fB-a, admin\fR [options] .br - + + (Admin options): .br - (Admin console options): + -p, password Set Web Interface password .br - -p, password Set Admin Console password + -c, celsius Set Celsius as preferred temperature unit .br - -c, celsius Set Celsius as preferred temperature unit + -f, fahrenheit Set Fahrenheit as preferred temperature unit .br - -f, fahrenheit Set Fahrenheit as preferred temperature unit + -k, kelvin Set Kelvin as preferred temperature unit .br - -k, kelvin Set Kelvin as preferred temperature unit + -r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address .br - -r, hostrecord Add a name to the DNS associated to an IPv4/IPv6 address + -e, email Set an administrative contact address for the Block Page .br - -e, email Set an administrative contact address for the Block Page + -i, interface Specify dnsmasq's interface listening behavior .br - -i, interface Specify dnsmasq's interface listening behavior -.br - -l, privacylevel Set privacy level (0 = lowest, 3 = highest) + -l, privacylevel Set privacy level (0 = lowest, 3 = highest) .br .br \fB-c, chronometer\fR [options] .br - Calculates stats and displays to an LCD + Calculates stats and displays to an LCD .br - (Chronometer Options): + (Chronometer Options): .br - -j, --json Output stats as JSON formatted string + -j, --json Output stats as JSON formatted string .br - -r, --refresh Set update frequency (in seconds) + -r, --refresh Set update frequency (in seconds) .br - -e, --exit Output stats and exit witout refreshing + -e, --exit Output stats and exit witout refreshing .br \fB-g, updateGravity\fR .br - Update the list of ad-serving domains + Update the list of ad-serving domains .br \fB-q, query\fR [option] .br - Query the adlists for a specified domain + Query the adlists for a specified domain .br - (Query options): + (Query options): .br - -adlist Print the name of the block list URL + -adlist Print the name of the block list URL .br - -exact Search the block lists for exact domain matches + -exact Search the block lists for exact domain matches .br - -all Return all query matches within a block list + -all Return all query matches within a block list .br \fB-h, --help, help\fR .br - Show a help dialog + Show a help dialog .br \fB-l, logging\fR [on|off|off noflush] .br - Specify whether the Pi-hole log should be used + Specify whether the Pi-hole log should be used .br (Logging options): .br - on Enable the Pi-hole log at /var/log/pihole.log + on Enable the Pi-hole log at /var/log/pihole.log .br - off Disable and flush the Pi-hole log at /var/log/pihole.log + off Disable and flush the Pi-hole log at /var/log/pihole.log .br - off noflush Disable the Pi-hole log at /var/log/pihole.log + off noflush Disable the Pi-hole log at /var/log/pihole.log .br .br \fB-up, updat\fBe\fR\fR\fBPihole\fR [--check-only] .br - Update Pi-hole subsystems + Update Pi-hole subsystems .br - Add '--check-only' to exit script before update is performed. + + --check-only Exit script before update is performed. .br \fB-v, version\fR [repo] [options] .br - Show installed versions of Pi-hole, Admin Console & FTL + Show installed versions of Pi-hole, Web Interface & FTL .br .br - (repo options): + (repo options): .br - -p, --pihole Only retrieve info regarding Pi-hole repository + -p, --pihole Only retrieve info regarding Pi-hole repository .br - -a, --admin Only retrieve info regarding AdminLTE repository + -a, --admin Only retrieve info regarding AdminLTE repository .br - -f, --ftl Only retrieve info regarding FTL repository + -f, --ftl Only retrieve info regarding FTL repository .br - (version options): + (version options): .br - -c, --current Return the current version + -c, --current Return the current version .br - -l, --latest Return the latest version + -l, --latest Return the latest version .br - --hash Return the Github hash from your local repositories + --hash Return the Github hash from your local repositories .br \fBuninstall\fR .br - Uninstall Pi-hole from your system + Uninstall Pi-hole from your system .br \fBstatus\fR .br - Display the running status of Pi-hole subsystems + Display the running status of Pi-hole subsystems .br \fBenable\fR .br - Enable Pi-hole subsystems + Enable Pi-hole subsystems .br \fBdisable\fR [time] .br - Disable Pi-hole subsystems, optionally for a set duration + Disable Pi-hole subsystems, optionally for a set duration .br .br - (time options): + (time options): .br - #s Disable Pi-hole functionality for # second(s) + #s Disable Pi-hole functionality for # second(s) .br - #m Disable Pi-hole functionality for # minute(s) + #m Disable Pi-hole functionality for # minute(s) .br \fBrestartdns\fR .br - Restart Pi-hole subsystems + Restart Pi-hole subsystems .br \fBcheckout\fR [repo][branch] .br - Switch Pi-hole subsystems to a different Github branch + Switch Pi-hole subsystems to a different Github branch .br - (repo options): + (repo options): .br - core Change the branch of Pi-hole's core subsystem + core Change the branch of Pi-hole's core subsystem .br - web Change the branch of Admin Console subsystem + web Change the branch of Admin Console subsystem .br - ftl Change the branch of Pi-hole's FTL subsystem + ftl Change the branch of Pi-hole's FTL subsystem .br - (branch options): + (branch options): .br - master Update subsystems to the latest stable release + master Update subsystems to the latest stable release .br - dev Update subsystems to the latest development release + dev Update subsystems to the latest development release +.br + branchname Update subsystems to the specified branchname .br - .SH "EXAMPLE" + Some usage examples .br - Whitelist/blacklist manipulation + Whitelist/blacklist manipulation .br - \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist + \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist .br - \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist + \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fBpihole -wild ads.example\fR Add "ads.example" as wildcard - would block ads.example.net + \fBpihole -wild example\fR Add "example" as wildcard - would block ads.example.net, example.com etc. .br - Changing the web ui password + Changing the web ui password .br .br - \fBpihole -a -p ExamplePassword\fR Change the password to "ExamplePassword" + \fBpihole -a -p ExamplePassword\fR Change the password to "ExamplePassword" .br - Updating lists from internet sources + Updating lists from internet sources .br .br - \fBpihole -g\fR Update the list of ad-serving domains + \fBpihole -g\fR Update the list of ad-serving domains .br - Displaying version information + Displaying version information .br .br - \fBpihole -v -c\fR Display the current version of AdminLTE + \fBpihole -v -a -c\fR Display the current version of AdminLTE .br .br - Temporarily disabling Pi-hole + Temporarily disabling Pi-hole .br .br - \fBpihole disable 5m\fR Disable Pi-hole functionality for five minutes + \fBpihole disable 5m\fR Disable Pi-hole functionality for five minutes .br .br - Switching Pi-hole subsystem branches + Switching Pi-hole subsystem branches .br .br - \fBpihole checkout master\fR Switch to master branch + \fBpihole checkout master\fR Switch to master branch .br - \fBpihole checkout core dev\fR Switch to core development branch + \fBpihole checkout core dev\fR Switch to core development branch .br .SH "SEE ALSO" -dmasq(8), lighttpd(8) +dnsmasq(8), lighttpd(8) .br .SH "COLOPHON" From 9970f3786fba774db6ebfb087a4c97d28ea91267 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 14:14:55 +1000 Subject: [PATCH 141/277] Requested change Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4064ec04..e8b1b9bc 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1198,7 +1198,7 @@ install_manpage() { # Default location for man files for /usr/local/bin is /usr/local/share/man # on lightweight systems may not be present, so check before copying. echo -en " ${INFO} Testing man page installation" - if ! command -v mandb; then + if ! command -v mandb &>/dev/null; then # if mandb is not present, no manpage support echo -e "${OVER} ${INFO} man not installed" return From 213f23aaf6c347e7331b03eb0db16a410efbfac1 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 14:46:45 +1000 Subject: [PATCH 142/277] wildcard & space Signed-off-by: Rob Gill --- pihole.8 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pihole.8 b/pihole.8 index 75e3e565..76d6b72b 100644 --- a/pihole.8 +++ b/pihole.8 @@ -230,7 +230,7 @@ Available commands and options: Enable Pi-hole subsystems .br -\fBdisable\fR [time] +\fBdisable\fR [time] .br Disable Pi-hole subsystems, optionally for a set duration .br @@ -248,7 +248,7 @@ Available commands and options: Restart Pi-hole subsystems .br -\fBcheckout\fR [repo][branch] +\fBcheckout\fR [repo] [branch] .br Switch Pi-hole subsystems to a different Github branch .br @@ -281,7 +281,7 @@ Some usage examples .br \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fBpihole -wild example\fR Add "example" as wildcard - would block ads.example.net, example.com etc. + \fBpihole -wild example.com\fR Add "example.com" as wildcard - would block ads.example.com, www.example.com etc. .br Changing the web ui password From 83ff0055b672eab6d237b65ea88fe60acc96dbf6 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 2 Jun 2018 15:30:51 +1000 Subject: [PATCH 143/277] Test and indicate status This added function tests if pihole-FTL is running when the sysV. Signed-off-by: Rob Gill --- advanced/pihole-FTL.service | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/advanced/pihole-FTL.service b/advanced/pihole-FTL.service index ef8ee9c2..ecc7a52a 100644 --- a/advanced/pihole-FTL.service +++ b/advanced/pihole-FTL.service @@ -69,13 +69,25 @@ stop() { echo } +# Indicate the service status +status() { + if is_running; then + echo "[ ok ] pihole-FTL is running" + exit 0 + else + echo "[ ] pihole-FTL is not running" + exit 1 + fi +} + + ### main logic ### case "$1" in stop) stop ;; status) - status pihole-FTL + status ;; start|restart|reload|condrestart) stop From f5541860bc16b96bf9f8121657d4c054d43c42d5 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Sat, 2 Jun 2018 09:56:08 +0100 Subject: [PATCH 144/277] Don't run the installer when doing ftl checkout, instead just run the ftl install functions Signed-off-by: Adam Warner --- advanced/Scripts/piholeCheckout.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeCheckout.sh b/advanced/Scripts/piholeCheckout.sh index 65bb5b7a..5125a2b4 100644 --- a/advanced/Scripts/piholeCheckout.sh +++ b/advanced/Scripts/piholeCheckout.sh @@ -166,6 +166,9 @@ checkout() { if check_download_exists "$path"; then echo " ${TICK} Branch ${2} exists" echo "${2}" > /etc/pihole/ftlbranch + FTLinstall "${binary}" + start_service pihole-FTL + enable_service pihole-FTL else echo " ${CROSS} Requested branch \"${2}\" is not available" ftlbranches=( $(git ls-remote https://github.com/pi-hole/ftl | grep 'heads' | sed 's/refs\/heads\///;s/ //g' | awk '{print $2}') ) @@ -180,7 +183,7 @@ checkout() { fi # Force updating everything - if [[ ! "${1}" == "web" ]]; then + if [[ ! "${1}" == "web" && ! "${1}" == "ftl" ]]; then echo -e " ${INFO} Running installer to upgrade your installation" if "${PI_HOLE_FILES_DIR}/automated install/basic-install.sh" --unattended; then exit 0 From ed7ebfd58df4192876e7d6fc4ecc96d2897c9470 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sun, 3 Jun 2018 22:15:26 +1000 Subject: [PATCH 145/277] man page for pihole-FTL Signed-off-by: Rob Gill --- automated install/basic-install.sh | 25 +++++--- automated install/uninstall.sh | 2 +- manpages/pihole-FTL.8 | 94 ++++++++++++++++++++++++++++++ manpages/pihole-FTL.conf.5 | 74 +++++++++++++++++++++++ pihole.8 => manpages/pihole.8 | 65 +++++++++------------ 5 files changed, 212 insertions(+), 48 deletions(-) create mode 100644 manpages/pihole-FTL.8 create mode 100644 manpages/pihole-FTL.conf.5 rename pihole.8 => manpages/pihole.8 (90%) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 325688cd..8181bcb7 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1194,7 +1194,7 @@ installConfigs() { } install_manpage() { - # Copy Pi-hole man page and call mandb to update man page database + # Copy Pi-hole man pages and call mandb to update man page database # Default location for man files for /usr/local/bin is /usr/local/share/man # on lightweight systems may not be present, so check before copying. echo -en " ${INFO} Testing man page installation" @@ -1204,23 +1204,30 @@ install_manpage() { return elif [[ ! -d "/usr/local/share/man" ]]; then # appropriate directory for Pi-hole's man page is not present - echo -e "${OVER} ${INFO} man page not installed" + echo -e "${OVER} ${INFO} man pages not installed" return - elif [[ ! -d "/usr/local/share/man/man8" ]]; then + fi + if [[ ! -d "/usr/local/share/man/man8" ]]; then # if not present, create man8 directory mkdir /usr/local/share/man/man8 fi - # Testing complete, copy the file & update the man db - cp ${PI_HOLE_LOCAL_REPO}/pihole.8 /usr/local/share/man/man8/pihole.8 + if [[ ! -d "/usr/local/share/man/man5" ]]; then + # if not present, create man8 directory + mkdir /usr/local/share/man/man5 + fi + # Testing complete, copy the files & update the man db + cp ${PI_HOLE_LOCAL_REPO}/manpages/pihole.8 /usr/local/share/man/man8/pihole.8 + cp ${PI_HOLE_LOCAL_REPO}/manpages/pihole-FTL.8 /usr/local/share/man/man8/pihole-FTL.8 + cp ${PI_HOLE_LOCAL_REPO}/manpages/pihole-FTL.conf.5 /usr/local/share/man/man5/pihole-FTL.conf.5 if mandb -q &>/dev/null; then # Updated successfully - echo -e "${OVER} ${TICK} man page installed and database updated" + echo -e "${OVER} ${TICK} man pages installed and database updated" return else # Something is wrong with the system's man installation, clean up - # our file, (leave everything how we found it). - rm /usr/local/share/man/man8/pihole.8 - echo -e "${OVER} ${CROSS} man page db not updated, man page not installed" + # our files, (leave everything how we found it). + rm /usr/local/share/man/man8/pihole.8 /usr/local/share/man/man8/pihole-FTL.8 /usr/local/share/man/man5/pihole-FTL.conf.5 + echo -e "${OVER} ${CROSS} man page db not updated, man pages not installed" fi } diff --git a/automated install/uninstall.sh b/automated install/uninstall.sh index 4525f42f..9322de92 100755 --- a/automated install/uninstall.sh +++ b/automated install/uninstall.sh @@ -173,7 +173,7 @@ removeNoPurge() { # If the pihole manpage exists, then delete and rebuild man-db if [[ -f /usr/local/share/man/man8/pihole.8 ]]; then - ${SUDO} rm -f /usr/local/share/man/man8/pihole.8 + ${SUDO} rm -f /usr/local/share/man/man8/pihole.8 /usr/local/share/man/man8/pihole-FTL.8 /usr/local/share/man/man5/pihole-FTL.conf.5 ${SUDO} mandb -q &>/dev/null echo -e " ${TICK} Removed pihole man page" fi diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8 new file mode 100644 index 00000000..b11f00de --- /dev/null +++ b/manpages/pihole-FTL.8 @@ -0,0 +1,94 @@ +.TH "Pihole-FTL" "8" "pihole-FTL" "Pi-hole" "June 2018" +.SH "NAME" +pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine +.br +.SH "SYNOPSIS" +\fBservice pihole-FTL \fR(\fBstart\fR|\fBstop\fR|\fBrestart\fR) +.br + +\fBpihole-FTL debug\fR +.br +\fBpihole-FTL test\fR +.br +\fBpihole-FTL -v\fR +.br +\fBpihole-FTL -t\fR +.br +\fBpihole-FTL -b\fR +.br +\fBpihole-FTL -f\fR +.br +\fBpihole-FTL dnsmasq-test\fR +.br + +.SH "DESCRIPTION" +Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery\fR \fIquickly\fR! +.br + +Usage +.br + +\fB\fBservi\fRce pihole-FTL start\fR +.br + Start the pihole-FTL daemon +.br + +\fBservice pihole-FTL stop\fR +.br + Stop the pihole-FTL daemon +.br + +\fBservice pihole-FTL restart\fR +.br + If the pihole-FTP daemon is running, stop and then start, otherwise start. +.br + +Command line arguments +.br + +\fBdebug\fR +.br + Don't go into daemon mode (stay in foreground) + more verbose logging +.br + +\fBtest\fR +.br + Start FTL and process everything, but shut down immediately afterwards +.br + +\fB-v, version\fR +.br + Don't start FTL, show only version +.br + +\fB-t, tag\fR +.br + Don't start FTL, show only git tag +.br + +\fB-b, branch\fR +.br + Don't start FTL, show only git branch FTL was compiled from +.br + +\fB-f, no-daemon\fR +.br + Don't go into background (daemon mode) +.br + +\fB-h, help\fR +.br + Don't start FTL, show help +.br +.SH "EXAMPLE" +Command line arguments can be arbitrarily combined, e.g: +.br + +\fBpihole-FTL debug test\fR +.br + +Start ftl in foreground with more verbose logging, process everything and shutdown immediately +.br +.SH "SEE ALSO" +\fBpihole\fR(8), \fBpihole-FTL.conf\fR(5) +.br diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5 new file mode 100644 index 00000000..1db71ace --- /dev/null +++ b/manpages/pihole-FTL.conf.5 @@ -0,0 +1,74 @@ +.TH "pihole-FTL.conf" "5" "pihole-FTL.conf" "pihole-FTL.conf" "June 2018" +.SH "NAME" + +pihole-FTL.conf - FTL's config file +.br +.SH "DESCRIPTION" + +/etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup. +.br + +SOCKET_LISTENING=localonly|all +.br + Listen only for local socket connections or permit all connections +.br + +QUERY_DISPLAY=yes|no +.br + Display all queries? Set to no to hide query display +.br + +AAAA_QUERY_ANALYSIS=yes|no +.br + Allow FTL to analyze AAAA queries from pihole.log? +.br + +MAXDBDAYS=365 +.br + How long should queries be stored in the database? +.br + Setting this to 0 disables the database altogether +.br + +RESOLVE_IPV6=yes|no +.br + Should FTL try to resolve IPv6 addresses to host names? +.br + +RESOLVE_IPV4=yes|no +.br + Should FTL try to resolve IPv4 addresses to host names? +.br + +DBINTERVAL=1.0 +.br + How often do we store queries in FTL's database [minutes]? +.br + +DBFILE=/etc/pihole/pihole-FTL.db +.br + Specify path and filename of FTL's SQLite long-term database. +.br + Setting this to DBFILE= disables the database altogether +.br + +MAXLOGAGE=24.0 +.br + Up to how many hours of queries should be imported from the database and logs? +.br + Maximum is 744 (31 days) +.br + +For each setting, the option shown first is the default. +.br +.SH "SEE ALSO" + +\fBpihole\fR(8), \fBpihole-FTL\fR(8) +.br +.SH "COLOPHON" + +Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery quickly\fR! +.br + +Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net +.br diff --git a/pihole.8 b/manpages/pihole.8 similarity index 90% rename from pihole.8 rename to manpages/pihole.8 index 76d6b72b..fc719ffb 100644 --- a/pihole.8 +++ b/manpages/pihole.8 @@ -21,13 +21,13 @@ Pi-hole : A black-hole for internet advertisements .br \fBpihole -c\fR [-j|-r|-e] .br -\fBpihole\fR \fB-d\fR [-a] +\fBpihole\fR \fB-d\fR [-a] .br \fBpihole -f .br pihole -r .br -pihole -t +pihole -t .br pihole -g\fR .br @@ -84,9 +84,9 @@ Available commands and options: --nuke Removes all entries in a list .br -\fB-d, debug\fR [-a] +\fB-d, debug\fR [-a] .br - Start a debugging session + Start a debugging session .br -a Enable automated debugging @@ -96,8 +96,7 @@ Available commands and options: .br Flush the Pi-hole log .br - -.br + \fB-r, reconfigure\fR .br Reconfigure or Repair Pi-hole subsystems @@ -129,11 +128,10 @@ Available commands and options: .br -l, privacylevel Set privacy level (0 = lowest, 3 = highest) .br - -.br + \fB-c, chronometer\fR [options] .br - Calculates stats and displays to an LCD + Calculates stats and displays to an LCD .br (Chronometer Options): @@ -145,12 +143,12 @@ Available commands and options: -e, --exit Output stats and exit witout refreshing .br -\fB-g, updateGravity\fR +\fB-g, updateGravity\fR .br Update the list of ad-serving domains .br -\fB-q, query\fR [option] +\fB-q, query\fR [option] .br Query the adlists for a specified domain .br @@ -164,7 +162,7 @@ Available commands and options: -all Return all query matches within a block list .br -\fB-h, --help, help\fR +\fB-h, --help, help\fR .br Show a help dialog .br @@ -178,21 +176,20 @@ Available commands and options: .br on Enable the Pi-hole log at /var/log/pihole.log .br - off Disable and flush the Pi-hole log at /var/log/pihole.log + off Disable and flush the Pi-hole log at /var/log/pihole.log .br off noflush Disable the Pi-hole log at /var/log/pihole.log .br - + +\fB-up, updat\fBe\fR\fR\fBPihole\fR [--check-only] .br -\fB-up, updat\fBe\fR\fR\fBPihole\fR [--check-only] -.br - Update Pi-hole subsystems + Update Pi-hole subsystems .br --check-only Exit script before update is performed. .br -\fB-v, version\fR [repo] [options] +\fB-v, version\fR [repo] [options] .br Show installed versions of Pi-hole, Web Interface & FTL .br @@ -234,8 +231,7 @@ Available commands and options: .br Disable Pi-hole subsystems, optionally for a set duration .br - -.br + (time options): .br #s Disable Pi-hole functionality for # second(s) @@ -248,7 +244,7 @@ Available commands and options: Restart Pi-hole subsystems .br -\fBcheckout\fR [repo] [branch] +\fBcheckout\fR [repo] [branch] .br Switch Pi-hole subsystems to a different Github branch .br @@ -281,50 +277,43 @@ Some usage examples .br \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fBpihole -wild example.com\fR Add "example.com" as wildcard - would block ads.example.com, www.example.com etc. + \fB\fBpihole -wild example\fR.com\fR Add "example" as wildcard - would block ads.example.com, www.example.com etc. .br - Changing the web ui password -.br - + Changing the Web Interface password .br + \fBpihole -a -p ExamplePassword\fR Change the password to "ExamplePassword" .br Updating lists from internet sources .br - -.br + \fBpihole -g\fR Update the list of ad-serving domains .br Displaying version information .br - -.br + \fBpihole -v -a -c\fR Display the current version of AdminLTE .br - -.br + Temporarily disabling Pi-hole .br - -.br + \fBpihole disable 5m\fR Disable Pi-hole functionality for five minutes .br - -.br + Switching Pi-hole subsystem branches .br - -.br + \fBpihole checkout master\fR Switch to master branch .br \fBpihole checkout core dev\fR Switch to core development branch .br .SH "SEE ALSO" -dnsmasq(8), lighttpd(8) +\fBlighttpd\fR(8), \fBpihole-FTL\fR(8) .br .SH "COLOPHON" From 3149a95d6ac98154cedde481bafcf92f05a8a6e1 Mon Sep 17 00:00:00 2001 From: Mark Drobnak Date: Sun, 3 Jun 2018 13:33:33 -0400 Subject: [PATCH 146/277] Fix gravity_ParseFileIntoDomains Awk comment Signed-off-by: Mark Drobnak --- gravity.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gravity.sh b/gravity.sh index 58419029..dfcb753a 100755 --- a/gravity.sh +++ b/gravity.sh @@ -277,9 +277,9 @@ gravity_ParseFileIntoDomains() { # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious # This helps with that and makes it easier to read # It also helps with debugging so each stage of the script can be researched more in depth - #Awk -F splits on given IFS, we grab the right hand side (chops trailing #coments and /'s to grab the domain only. - #Last awk command takes non-commented lines and if they have 2 fields, take the left field (the domain) and leave - #+ the right (IP address), otherwise grab the single field. + # Awk -F splits on given IFS, we grab the right hand side (chops trailing #coments and /'s to grab the domain only. + # Last awk command takes non-commented lines and if they have 2 fields, take the right field (the domain) and leave + # the left (IP address), otherwise grab the single field. < ${source} awk -F '#' '{print $1}' | \ awk -F '/' '{print $1}' | \ From 49fb4421dd10d491e1bae7998e86e52cc2c49bce Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 4 Jun 2018 09:54:53 +1000 Subject: [PATCH 147/277] Requested changes to manpages - now align with docs.pi-hole.net/ftldns. weird bolding issues fixed Signed-off-by: Rob Gill --- manpages/pihole-FTL.8 | 20 ++++++++++++++- manpages/pihole-FTL.conf.5 | 50 ++++++++++++++++++++++++++------------ manpages/pihole.8 | 4 +-- 3 files changed, 56 insertions(+), 18 deletions(-) diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8 index b11f00de..812801a4 100644 --- a/manpages/pihole-FTL.8 +++ b/manpages/pihole-FTL.8 @@ -18,8 +18,12 @@ pihole-FTL - Pi-hole : The Faster-Than-Light (FTL) Engine .br \fBpihole-FTL -f\fR .br +\fBpihole-FTL -h\fR +.br \fBpihole-FTL dnsmasq-test\fR .br +\fBpihole-FTL --\fR (\fBoptions\fR) +.br .SH "DESCRIPTION" Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built daemon used to provide statistics needed for the Pi-hole Web Interface, and its API can be easily integrated into your own projects. Although it is an optional component of the Pi-hole ecosystem, it will be installed by default to provide statistics. As the name implies, FTL does its work \fIvery\fR \fIquickly\fR! @@ -28,7 +32,7 @@ Pi-hole : The Faster-Than-Light (FTL) Engine is a lightweight, purpose-built dae Usage .br -\fB\fBservi\fRce pihole-FTL start\fR +\fBservice pihole-FTL start\fR .br Start the pihole-FTL daemon .br @@ -80,6 +84,16 @@ Command line arguments .br Don't start FTL, show help .br + +\fBdnsmasq-test\fR +.br + Test resolver config file syntax +.br + +\fB--\fR (options) +.br + Pass options to internal resolver +.br .SH "EXAMPLE" Command line arguments can be arbitrarily combined, e.g: .br @@ -92,3 +106,7 @@ Start ftl in foreground with more verbose logging, process everything and shutdo .SH "SEE ALSO" \fBpihole\fR(8), \fBpihole-FTL.conf\fR(5) .br +.SH "COLOPHON" + +Get sucked into the latest news and community activity by entering Pi-hole's orbit. Information about Pi-hole, and the latest version of the software can be found at https://pi-hole.net +.br diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5 index 1db71ace..b99a6c1d 100644 --- a/manpages/pihole-FTL.conf.5 +++ b/manpages/pihole-FTL.conf.5 @@ -8,57 +8,77 @@ pihole-FTL.conf - FTL's config file /etc/pihole/pihole-FTL.conf will be read by \fBpihole-FTL(8)\fR on startup. .br -SOCKET_LISTENING=localonly|all +\fBSOCKET_LISTENING=localonly|all\fR .br Listen only for local socket connections or permit all connections .br -QUERY_DISPLAY=yes|no +\fBQUERY_DISPLAY=yes|no\fR .br Display all queries? Set to no to hide query display .br -AAAA_QUERY_ANALYSIS=yes|no +\fBAAAA_QUERY_ANALYSIS=yes|no\fR .br Allow FTL to analyze AAAA queries from pihole.log? .br -MAXDBDAYS=365 -.br - How long should queries be stored in the database? -.br - Setting this to 0 disables the database altogether -.br - -RESOLVE_IPV6=yes|no +\fBRESOLVE_IPV6=yes|no\fR .br Should FTL try to resolve IPv6 addresses to host names? .br -RESOLVE_IPV4=yes|no +\fBRESOLVE_IPV4=yes|no\fR .br Should FTL try to resolve IPv4 addresses to host names? .br -DBINTERVAL=1.0 +\fBMAXDBDAYS=365\fR +.br + How long should queries be stored in the database? +.br + Setting this to 0 disables the database +.br + +\fBDBINTERVAL=1.0\fR .br How often do we store queries in FTL's database [minutes]? .br -DBFILE=/etc/pihole/pihole-FTL.db +\fBDBFILE=/etc/pihole/pihole-FTL.db\fR .br Specify path and filename of FTL's SQLite long-term database. .br Setting this to DBFILE= disables the database altogether .br -MAXLOGAGE=24.0 +\fBMAXLOGAGE=24.0\fR .br Up to how many hours of queries should be imported from the database and logs? .br Maximum is 744 (31 days) .br +\fBFTLPORT=4711\fR +.br + On which port should FTL be listening? +.br + +\fBPRIVACYLEVEL=0|1|2|3\fR +.br + Which privacy level is used? +.br + +\fBIGNORE_LOCALHOST=no|yes\fR +.br + Should FTL ignore queries coming from the local machine? +.br + +\fBBLOCKINGMODE=IP|IP-AAAA-NODATA|NXDOMAIN|NULL\fR +.br + How should FTL reply to blocked queries? +.br + For each setting, the option shown first is the default. .br .SH "SEE ALSO" diff --git a/manpages/pihole.8 b/manpages/pihole.8 index fc719ffb..54bf4a31 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -181,7 +181,7 @@ Available commands and options: off noflush Disable the Pi-hole log at /var/log/pihole.log .br -\fB-up, updat\fBe\fR\fR\fBPihole\fR [--check-only] +\fB-up, updatePihole\fR [--check-only] .br Update Pi-hole subsystems .br @@ -277,7 +277,7 @@ Some usage examples .br \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fB\fBpihole -wild example\fR.com\fR Add "example" as wildcard - would block ads.example.com, www.example.com etc. + \fBpihole -wild example.com\fR Add "example.com" as wildcard - would block ads.example.com, www.example.com etc. .br Changing the Web Interface password From 40bc390c3bd84893cbc5f54cffe020bcceec3d57 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Mon, 4 Jun 2018 13:34:42 +1000 Subject: [PATCH 148/277] Admin Console -> "Web Interface" User facing --help text changes Admin Console --> Web Interface and additional branch option Signed-Off-By: Rob Gill --- pihole | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pihole b/pihole index b3f532af..c125d0d9 100755 --- a/pihole +++ b/pihole @@ -541,12 +541,13 @@ Switch Pi-hole subsystems to a different Github branch Repositories: core [branch] Change the branch of Pi-hole's core subsystem - web [branch] Change the branch of Admin Console subsystem + web [branch] Change the branch of Web Interface subsystem ftl [branch] Change the branch of Pi-hole's FTL subsystem Branches: master Update subsystems to the latest stable release - dev Update subsystems to the latest development release" + dev Update subsystems to the latest development release + branchname Update subsystems to the specified branchname" exit 0 fi @@ -610,8 +611,8 @@ Debugging Options: -t, tail View the live output of the Pi-hole log Options: - -a, admin Admin Console options - Add '-h' for more info on admin console usage + -a, admin Web interface options + Add '-h' for more info on Web Interface usage -c, chronometer Calculates stats and displays to an LCD Add '-h' for more info on chronometer usage -g, updateGravity Update the list of ad-serving domains @@ -622,7 +623,7 @@ Options: Add '-h' for more info on query usage -up, updatePihole Update Pi-hole subsystems Add '--check-only' to exit script before update is performed. - -v, version Show installed versions of Pi-hole, Admin Console & FTL + -v, version Show installed versions of Pi-hole, Web Interface & FTL Add '-h' for more info on version usage uninstall Uninstall Pi-hole from your system status Display the running status of Pi-hole subsystems From a11e5e2debac1efde56b8e00ca7a439d73329a56 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 10:23:23 +1000 Subject: [PATCH 149/277] dnsmasq Signed-off-by: Rob Gill --- manpages/pihole-FTL.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manpages/pihole-FTL.8 b/manpages/pihole-FTL.8 index 812801a4..2928f2d8 100644 --- a/manpages/pihole-FTL.8 +++ b/manpages/pihole-FTL.8 @@ -92,7 +92,7 @@ Command line arguments \fB--\fR (options) .br - Pass options to internal resolver + Pass options to internal dnsmasq resolver .br .SH "EXAMPLE" Command line arguments can be arbitrarily combined, e.g: From 4188fb536e1fd78914ffb22de923a8e2cf2c9393 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 10:25:51 +1000 Subject: [PATCH 150/277] Privacy levels Signed-off-by: Rob Gill --- manpages/pihole-FTL.conf.5 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/manpages/pihole-FTL.conf.5 b/manpages/pihole-FTL.conf.5 index b99a6c1d..50536279 100644 --- a/manpages/pihole-FTL.conf.5 +++ b/manpages/pihole-FTL.conf.5 @@ -68,6 +68,14 @@ pihole-FTL.conf - FTL's config file .br Which privacy level is used? .br + 0 - show everything +.br + 1 - hide domains +.br + 2 - hide domains and clients +.br + 3 - paranoia mode (hide everything) +.br \fBIGNORE_LOCALHOST=no|yes\fR .br From 7398a9ebf937cadeb3f47537684ed60facce5ffe Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Mon, 4 Jun 2018 19:59:23 -0500 Subject: [PATCH 151/277] remove projects that are not compliant with our trademarks Signed-off-by: Jacob Salmela --- README.md | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index 60c54f87..40a9254f 100644 --- a/README.md +++ b/README.md @@ -178,32 +178,13 @@ Pi-hole being a **advertising-aware DNS/Web server**, makes use of the following * [AdminLTE Dashboard](https://github.com/almasaeed2010/AdminLTE) - premium admin control panel based on Bootstrap 3.x While quite outdated at this point, [this original blog post about Pi-hole](https://jacobsalmela.com/2015/06/16/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0/) goes into **great detail** about how Pi-hole was originally setup and how it works. Syntactically, it's no longer accurate, but the same basic principles and logic still apply to Pi-hole's current state. - ------ - -## Pi-hole Projects -- [The Big Blocklist Collection](https://wally3k.github.io) -- [Docker Pi-hole container (x86 and ARM)](https://hub.docker.com/r/diginc/pi-hole/) -- [Pi-Hole in the cloud](http://blog.codybunch.com/2015/07/28/Pi-Hole-in-the-cloud/) -- [Pie in the Sky-Hole [A Pi-Hole in the cloud for ad-blocking via DNS]](https://dlaa.me/blog/post/skyhole) -- [Pi-hole Enable/Disable Button](http://thetimmy.silvernight.org/pages/endisbutton/) -- [Minibian Pi-hole](https://munkjensen.net/wiki/index.php/See_my_Pi-Hole#Minibian_Pi-hole) -- [CHiP-hole: Network-wide Ad-blocker](https://www.hackster.io/jacobsalmela/chip-hole-network-wide-ad-blocker-98e037) -- [Chrome Extension: Pi-Hole List Editor](https://chrome.google.com/webstore/detail/pi-hole-list-editor/hlnoeoejkllgkjbnnnhfolapllcnaglh) ([Source Code](https://github.com/packtloss/pihole-extension)) -- [Splunk: Pi-hole Visualiser](https://splunkbase.splunk.com/app/3023/) -- [Adblocking with Pi-hole and Ubuntu 14.04 on VirtualBox](https://hbalagtas.blogspot.com.au/2016/02/adblocking-with-pi-hole-and-ubuntu-1404.html) -- [Pi-hole stats in your Mac's menu bar](https://getbitbar.com/plugins/Network/pi-hole.1m.py) -- [Pi-hole unRAID Template](https://forums.lime-technology.com/topic/36810-support-spants-nodered-mqtt-dashing-couchdb/) -- [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus) -- [Let your blink1 device blink when Pi-hole filters ads](https://gist.github.com/elpatron68/ec0b4c582e5abf604885ac1e068d233f) -- [Pi-hole metrics](https://github.com/nlamirault/pihole_exporter) exporter for [Prometheus](https://prometheus.io/) -- [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) -- [Pi-hole Droid: Android client](https://github.com/friimaind/pi-hole-droid) -- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper), see [#1400](https://github.com/pi-hole/pi-hole/issues/1400) -- [Pi-hole Visualizer](https://www.reddit.com/r/pihole/comments/82ikgb/pihole_visualizer_update/) ----- ## Coverage +- [Software Engineering Daily: Interview with the creator of Pi-hole](https://softwareengineeringdaily.com/2018/05/29/pi-hole-ad-blocker-hardware-with-jacob-salmela/) +- [Bloomberg Business Week: Brotherhood of the Ad blockers](https://www.bloomberg.com/news/features/2018-05-10/inside-the-brotherhood-of-pi-hole-ad-blockers) +- [Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1](https://scotthelme.co.uk/securing-dns-across-all-of-my-devices-with-pihole-dns-over-https-1-1-1-1/) +- [Adafruit: installing Pi-hole on a Pi Zero W](https://learn.adafruit.com/pi-hole-ad-blocker-with-pi-zero-w/install-pi-hole) - [Lifehacker: Turn A Raspberry Pi Into An Ad Blocker With A Single Command](https://www.lifehacker.com.au/2015/02/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-command/) - [MakeUseOf: Adblock Everywhere: The Raspberry Pi-Hole Way](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) - [Catchpoint: Ad-Blocking on Apple iOS9: Valuing the End User Experience](http://blog.catchpoint.com/2015/09/14/ad-blocking-apple/) @@ -222,3 +203,12 @@ While quite outdated at this point, [this original blog post about Pi-hole](http - [CryptoAUSTRALIA: How We Tried 5 Privacy Focused Raspberry Pi Projects](https://blog.cryptoaustralia.org.au/2017/10/05/5-privacy-focused-raspberry-pi-projects/) - [CryptoAUSTRALIA: Pi-hole Workshop](https://blog.cryptoaustralia.org.au/2017/11/02/pi-hole-network-wide-ad-blocker/) - [Know How 355: Killing ads with a Raspberry Pi-Hole!](https://www.twit.tv/shows/know-how/episodes/355) + +----- + +## Pi-hole Projects +- [The Big Blocklist Collection](https://wally3k.github.io) +- [Pie in the Sky-Hole](https://dlaa.me/blog/post/skyhole) +- [Copernicus: Windows Tray Application](https://github.com/goldbattle/copernicus) +- [Magic Mirror with DNS Filtering](https://zonksec.com/blog/magic-mirror-dns-filtering/#dnssoftware) +- [Windows DNS Swapper](https://github.com/roots84/DNS-Swapper) From 35ca54d98f7760e329f11b133431d3bef96623a7 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Mon, 4 Jun 2018 20:00:26 -0500 Subject: [PATCH 152/277] add patreon and adjust affiliate links Signed-off-by: Jacob Salmela --- README.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/README.md b/README.md index 40a9254f..77f259e6 100644 --- a/README.md +++ b/README.md @@ -68,12 +68,11 @@ Sending a donation using our links below is **extremely helpful** in offsetting ### Alternative support If you'd rather not [donate](https://pi-hole.net/donate/) (_which is okay!_), there are other ways you can help support us: - +- [Patreon](https://patreon.com/pihole) _Become a patron for rewards_ - [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) _affiliate link_ - [UNIXstickers.com](http://unixstickers.refr.cc/jacobs) _save $5 when you spend $9 using our affiliate link_ - [Pi-hole Swag Store](https://pi-hole.net/shop/) _affiliate link_ - [Amazon](http://www.amazon.com/exec/obidos/redirect-home/pihole09-20) _affiliate link_ -- [Ho-ost](https://clients.ho-ost.com/aff.php?aff=19) _save 50% with our affiliate link_ - [DNS Made Easy](https://cp.dnsmadeeasy.com/u/133706) _affiliate link_ - [Vultr](http://www.vultr.com/?ref=7190426) _affiliate link_ - Spreading the word about our software, and how you have benefited from it @@ -99,9 +98,6 @@ While we are primarily reachable on our Frequently Asked Questions
  • Pi-hole Wiki
  • Feature Requests
  • - -
    -
    • Discourse User Forum
    • Reddit
    • Gitter (Real-time chat)
    • From 9422d57283e0d9f0c5413c1d10cc644f7a22d5ab Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 12:08:27 +1000 Subject: [PATCH 153/277] Check version of installed php Signed-off-by: Rob Gill --- automated install/basic-install.sh | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 395a6203..4cd1e9aa 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -160,13 +160,27 @@ if command -v apt-get &> /dev/null; then # use iproute iproute_pkg="iproute" fi - # We prefer the php metapackage if it's there - if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then - phpVer="php" - # If not, - else + # Check for and determine version number, major and minor of current php install + if command -v php &> /dev/null; then + phpInsVersion="$(php -v | head -n1 | grep -Po '(? /dev/null 2>&1; then + phpVer="php" # fall back on the php5 packages - phpVer="php5" + else + phpVer="php5" + fi + else + # Supported php is installed, its common, cgi & sqlite counterparts are deps + phpInsMajor="$(echo $phpInsVer | cut -d\. -f1)" + phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" + phpVer="php$phpInsMajor.phpInsMinor" + fi + fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then From 7181d7ae6a87dda776ca3579fc6dcbb00ca5948d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:30:18 +1000 Subject: [PATCH 154/277] Left that fi Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4cd1e9aa..f3f76bd3 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -180,8 +180,6 @@ if command -v apt-get &> /dev/null; then phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" phpVer="php$phpInsMajor.phpInsMinor" fi - - fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then phpSqlite="sqlite3" From 714b6c98ef6da478eb46adab9ff34c1b50a6ba09 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:45:01 +1000 Subject: [PATCH 155/277] codacy Signed-off-by: Rob Gill --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index f3f76bd3..4c26f1a9 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -176,8 +176,8 @@ if command -v apt-get &> /dev/null; then fi else # Supported php is installed, its common, cgi & sqlite counterparts are deps - phpInsMajor="$(echo $phpInsVer | cut -d\. -f1)" - phpInsMinor="$(echo $phpInsVer | cut -d\. -f2)" + phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" + phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" phpVer="php$phpInsMajor.phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 36dbdf955d7ef06cefcdb4eed22c3bf617216172 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 14:48:24 +1000 Subject: [PATCH 156/277] Update basic-install.sh Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 4c26f1a9..481e26db 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -178,7 +178,7 @@ if command -v apt-get &> /dev/null; then # Supported php is installed, its common, cgi & sqlite counterparts are deps phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - phpVer="php$phpInsMajor.phpInsMinor" + phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then From 13b8e1a2aea2e1d0b57c32ce3d620b407c870d84 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 15:09:07 +1000 Subject: [PATCH 157/277] quotes. Signed-off-by: Rob Gill --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 481e26db..a4869d24 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,7 +166,7 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" fi # Check if installed php is supported version (5.4 is EOL) - if [[ $phpInsVersion < "5.5" ]]; then + if [[ "$phpInsVersion" < "5.5" ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then phpVer="php" From 7f81cfd45a50476e9654b76f9c4a0393841b75c6 Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Jun 2018 09:09:35 +0100 Subject: [PATCH 158/277] Stats can still be generated without logging, no need for this sentence Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 395a6203..3d9a902a 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -977,7 +977,7 @@ setLogging() { local LogChoices # Ask if the user wants to log queries - LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?\\n (Disabling will render graphs on the Admin page useless):" ${r} ${c} 6) + LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" ${r} ${c} 6) # The default selection is on LogChooseOptions=("On (Recommended)" "" on Off "" off) From f2f6b6ede9fedf26a0a7b56f365746b7fdaaf14a Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 5 Jun 2018 09:29:03 +0100 Subject: [PATCH 159/277] stickler complaints Signed-off-by: Adam Warner --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3d9a902a..3d2e5784 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -977,7 +977,7 @@ setLogging() { local LogChoices # Ask if the user wants to log queries - LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" ${r} ${c} 6) + LogToggleCommand=(whiptail --separate-output --radiolist "Do you want to log queries?" "${r}" "${c}" 6) # The default selection is on LogChooseOptions=("On (Recommended)" "" on Off "" off) From a3569d88c95ed2dae32753ffa25fab3a217e5f5b Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Tue, 5 Jun 2018 21:42:42 +1000 Subject: [PATCH 160/277] Version strings & bash. Fixed up the version checking. Thanks for your help @dschaper. No longer uses the version string as returned, but uses the major and minor version numbers extracted from it, against the minimum of 5.5. Tested against real install of php 7.0, (and the version check logic separately tested against a variety of artificial version numbers, of multiple digits for both major and minor version. - Lesson learned, I'm never trusting bash again) Signed-off-by: Rob Gill --- automated install/basic-install.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index a4869d24..67cd3a4c 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -160,13 +160,19 @@ if command -v apt-get &> /dev/null; then # use iproute iproute_pkg="iproute" fi - # Check for and determine version number, major and minor of current php install + # Check for and determine version number (major and minor) of current php install if command -v php &> /dev/null; then - phpInsVersion="$(php -v | head -n1 | grep -Po '(? /dev/null 2>&1; then phpVer="php" @@ -176,8 +182,6 @@ if command -v apt-get &> /dev/null; then fi else # Supported php is installed, its common, cgi & sqlite counterparts are deps - phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" - phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 80040806430417625fe624c58e9dd95f9c597656 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 6 Jun 2018 22:37:43 +1000 Subject: [PATCH 161/277] Additional command-line completion Signed-off-by: Rob Gill --- advanced/bash-completion/pihole | 74 +++++++++++++++++++++++++++++++-- 1 file changed, 71 insertions(+), 3 deletions(-) diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole index fc8f2162..5a893f19 100644 --- a/advanced/bash-completion/pihole +++ b/advanced/bash-completion/pihole @@ -1,11 +1,79 @@ _pihole() { - local cur prev opts + local cur prev opts opts_admin opts_checkout opts_chronometer opts_debug opts_interface opts_logging opts_privacy opts_query opts_update opts_version COMPREPLY=() cur="${COMP_WORDS[COMP_CWORD]}" prev="${COMP_WORDS[COMP_CWORD-1]}" - opts="admin blacklist chronometer debug disable enable flush help logging query reconfigure restartdns setupLCD status tail uninstall updateGravity updatePihole version whitelist checkout" + prev2="${COMP_WORDS[COMP_CWORD-2]}" - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + case "${prev}" in + "pihole") + opts="admin blacklist checkout chronometer debug disable enable flush help logging query reconfigure restartdns status tail uninstall updateGravity updatePihole version wildcard whitelist" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) + ;; + "whitelist"|"blacklist"|"wildcard") + opts_lists="\--delmode \--noreload \--quiet \--list \--nuke" + COMPREPLY=( $(compgen -W "${opts_lists}" -- ${cur}) ) + ;; + "admin") + opts_admin="celsius email fahrenheit hostrecord interface kelvin password privacylevel" + COMPREPLY=( $(compgen -W "${opts_admin}" -- ${cur}) ) + ;; + "checkout") + opts_checkout="core ftl web master dev" + COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) + ;; + "chronometer") + opts_chronometer="\--exit \--jason \--refresh" + COMPREPLY=( $(compgen -W "${opts_chronometer}" -- ${cur}) ) + ;; + "debug") + opts_debug="-a" + COMPREPLY=( $(compgen -W "${opts_debug}" -- ${cur}) ) + ;; + "logging") + opts_logging="on off 'off noflush'" + COMPREPLY=( $(compgen -W "${opts_logging}" -- ${cur}) ) + ;; + "query") + opts_query="-adlist -all -exact" + COMPREPLY=( $(compgen -W "${opts_query}" -- ${cur}) ) + ;; + "updatePihole"|"-up") + opts_update="--check-only" + COMPREPLY=( $(compgen -W "${opts_update}" -- ${cur}) ) + ;; + "version") + opts_version="\--admin \--current \--ftl \--hash \--latest \--pihole" + COMPREPLY=( $(compgen -W "${opts_version}" -- ${cur}) ) + ;; + "interface") + if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then + opts_interface="$(cat /proc/net/dev | cut -d: -s -f1)" + COMPREPLY=( $(compgen -W "${opts_interface}" -- ${cur}) ) + else + return 1 + fi + ;; + "privacylevel") + if ( [[ "$prev2" == "admin" ]] || [[ "$prev2" == "-a" ]] ); then + opts_privacy="0 1 2 3" + COMPREPLY=( $(compgen -W "${opts_privacy}" -- ${cur}) ) + else + return 1 + fi + ;; + "core"|"admin"|"ftl") + if [[ "$prev2" == "checkout" ]]; then + opts_checkout="master dev" + COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) + else + return 1 + fi + ;; + *) + return 1 + ;; + esac return 0 } complete -F _pihole pihole From d254d6075afa7b2c71003c4fa3e103894d0be01d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Wed, 6 Jun 2018 19:26:56 +0200 Subject: [PATCH 162/277] First step from wildcards to regex lists for blocking Signed-off-by: DL6ER --- advanced/Scripts/list.sh | 46 ++++++++++++++++------------------------ 1 file changed, 18 insertions(+), 28 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 1d96ea3c..a54d7dc8 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -13,7 +13,7 @@ basename=pihole piholeDir=/etc/"${basename}" whitelist="${piholeDir}"/whitelist.txt blacklist="${piholeDir}"/blacklist.txt -readonly wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" +readonly regexlist="/etc/pihole/regex.list" reload=false addmode=true verbose=true @@ -31,7 +31,7 @@ helpFunc() { if [[ "${listMain}" == "${whitelist}" ]]; then param="w" type="white" - elif [[ "${listMain}" == "${wildcardlist}" ]]; then + elif [[ "${listMain}" == "${regexlist}" ]]; then param="wild" type="wildcard black" else @@ -57,7 +57,8 @@ Options: EscapeRegexp() { # This way we may safely insert an arbitrary # string in our regular expressions - # Also remove leading "." if present + # This sed is intentionally executed in three steps to ease maintainability + # The first sed removes any amount of leading dots echo $* | sed 's/^\.*//' | sed "s/[]\.|$(){}?+*^]/\\\\&/g" | sed "s/\\//\\\\\//g" } @@ -94,9 +95,6 @@ PoplistFile() { if ${addmode}; then AddDomain "${dom}" "${listMain}" RemoveDomain "${dom}" "${listAlt}" - if [[ "${listMain}" == "${whitelist}" || "${listMain}" == "${blacklist}" ]]; then - RemoveDomain "${dom}" "${wildcardlist}" - fi else RemoveDomain "${dom}" "${listMain}" fi @@ -109,7 +107,6 @@ AddDomain() { [[ "${list}" == "${whitelist}" ]] && listname="whitelist" [[ "${list}" == "${blacklist}" ]] && listname="blacklist" - [[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist" if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then [[ "${list}" == "${whitelist}" && -z "${type}" ]] && type="--whitelist-only" @@ -121,7 +118,7 @@ AddDomain() { if [[ "${bool}" == false ]]; then # Domain not found in the whitelist file, add it! if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} Adding $1 to $listname..." + echo -e " ${INFO} Adding ${1} to ${listname}..." fi reload=true # Add it to the list we want to add it to @@ -131,28 +128,22 @@ AddDomain() { echo -e " ${INFO} ${1} already exists in ${listname}, no need to add!" fi fi - elif [[ "${list}" == "${wildcardlist}" ]]; then - source "${piholeDir}/setupVars.conf" - # Remove the /* from the end of the IP addresses - IPV4_ADDRESS=${IPV4_ADDRESS%/*} - IPV6_ADDRESS=${IPV6_ADDRESS%/*} + elif [[ "${list}" == "${regexlist}" ]]; then [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is the domain in the list? - grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false + # Search only for exactly matching lines + grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == false ]]; then if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} Adding $1 to wildcard blacklist..." + echo -e " ${INFO} Adding ${1} to regex list..." fi reload="restart" - echo "address=/$1/${IPV4_ADDRESS}" >> "${wildcardlist}" - if [[ "${#IPV6_ADDRESS}" > 0 ]]; then - echo "address=/$1/${IPV6_ADDRESS}" >> "${wildcardlist}" - fi + echo "$1" >> "${regexlist}" else if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} ${1} already exists in wildcard blacklist, no need to add!" + echo -e " ${INFO} ${1} already exists in regex list, no need to add!" fi fi fi @@ -164,7 +155,6 @@ RemoveDomain() { [[ "${list}" == "${whitelist}" ]] && listname="whitelist" [[ "${list}" == "${blacklist}" ]] && listname="blacklist" - [[ "${list}" == "${wildcardlist}" ]] && listname="wildcard blacklist" if [[ "${list}" == "${whitelist}" || "${list}" == "${blacklist}" ]]; then bool=true @@ -174,7 +164,7 @@ RemoveDomain() { grep -Ex -q "${domain}" "${list}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one - echo -e " ${INFO} Removing $1 from $listname..." + echo -e " ${INFO} Removing $1 from ${listname}..." # /I flag: search case-insensitive sed -i "/${domain}/Id" "${list}" reload=true @@ -183,20 +173,20 @@ RemoveDomain() { echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!" fi fi - elif [[ "${list}" == "${wildcardlist}" ]]; then + elif [[ "${list}" == "${regexlist}" ]]; then [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is it in the list? - grep -e "address=\/${domain}\/" "${wildcardlist}" > /dev/null 2>&1 || bool=false + grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one - echo -e " ${INFO} Removing $1 from $listname..." + echo -e " ${INFO} Removing $1 from regex list..." # /I flag: search case-insensitive - sed -i "/address=\/${domain}/Id" "${list}" + sed -i "/${domain}/Id" "${list}" reload=true else if [[ "${verbose}" == true ]]; then - echo -e " ${INFO} ${1} does not exist in ${listname}, no need to remove!" + echo -e " ${INFO} ${1} does not exist in regex list, no need to remove!" fi fi fi @@ -241,7 +231,7 @@ for var in "$@"; do case "${var}" in "-w" | "whitelist" ) listMain="${whitelist}"; listAlt="${blacklist}";; "-b" | "blacklist" ) listMain="${blacklist}"; listAlt="${whitelist}";; - "-wild" | "wildcard" ) listMain="${wildcardlist}";; + "-wild" | "wildcard" ) listMain="${regexlist}";; "-nr"| "--noreload" ) reload=false;; "-d" | "--delmode" ) addmode=false;; "-q" | "--quiet" ) verbose=false;; From 52aa52c3b136e7bbeadc0646f75b91e3fc53b05e Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Thu, 7 Jun 2018 08:19:26 +1000 Subject: [PATCH 163/277] remove duplicate declaration Signed-off-by: Rob Gill --- automated install/basic-install.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e1702187..4d825c60 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2028,7 +2028,6 @@ FTLinstall() { local ftlBranch local url - local ftlBranch if [[ -f "/etc/pihole/ftlbranch" ]];then ftlBranch=$( Date: Sat, 9 Jun 2018 10:30:04 +1000 Subject: [PATCH 164/277] --json not --jason Signed-off-by: Rob Gill --- advanced/bash-completion/pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/bash-completion/pihole b/advanced/bash-completion/pihole index 5a893f19..ff8fee56 100644 --- a/advanced/bash-completion/pihole +++ b/advanced/bash-completion/pihole @@ -23,7 +23,7 @@ _pihole() { COMPREPLY=( $(compgen -W "${opts_checkout}" -- ${cur}) ) ;; "chronometer") - opts_chronometer="\--exit \--jason \--refresh" + opts_chronometer="\--exit \--json \--refresh" COMPREPLY=( $(compgen -W "${opts_chronometer}" -- ${cur}) ) ;; "debug") From 6381bdbf334e6583e96cb3c0e2bb6e2f21507201 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 9 Jun 2018 11:35:30 +1000 Subject: [PATCH 165/277] don't use major.minor for PHP 5 Signed-off-by: --- automated install/basic-install.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 67cd3a4c..9fcb478b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,13 +166,13 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version supported? (php 5.4 is EOL) - if [ "$(echo "$phpInsMajor.$phpInsMinor < 5.5" | bc )" == 0 ]; then - phpInsSupported=true + # Is installed php version newer than php5? + if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then + phpInsNewer=true fi fi # Check if installed php is unsupported version (5.4 is EOL) - if [[ "$phpInsSupported" != true ]]; then + if [[ "$phpInsNewer" != true ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then phpVer="php" @@ -181,7 +181,7 @@ if command -v apt-get &> /dev/null; then phpVer="php5" fi else - # Supported php is installed, its common, cgi & sqlite counterparts are deps + # Newer php is installed, its common, cgi & sqlite counterparts are deps phpVer="php$phpInsMajor.$phpInsMinor" fi # We also need the correct version for `php-sqlite` (which differs across distros) From 11f0ade921aa0945cf9b20aad3f0097c92c4bd8d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Sat, 9 Jun 2018 13:18:36 +1000 Subject: [PATCH 166/277] comments Signed-off-by: Rob Gill --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9fcb478b..5186b3cf 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -166,12 +166,12 @@ if command -v apt-get &> /dev/null; then echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version newer than php5? + # Is installed php version 7.0 or greater if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then phpInsNewer=true fi fi - # Check if installed php is unsupported version (5.4 is EOL) + # Check if installed php is v 7.0, or newer to determine packages to install if [[ "$phpInsNewer" != true ]]; then # Prefer the php metapackage if it's there if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then From e422f4154f4a05fa8bcd45e018328fb5c2d5d461 Mon Sep 17 00:00:00 2001 From: Alex Villarreal Date: Mon, 11 Jun 2018 12:56:27 -0500 Subject: [PATCH 167/277] Clean error message on successful response Signed-off-by: Alejandro Villarreal --- advanced/index.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/advanced/index.php b/advanced/index.php index 1575bafc..cad59ec7 100644 --- a/advanced/index.php +++ b/advanced/index.php @@ -329,6 +329,7 @@ setHeader(); setTimeout(function(){window.location.reload(1);}, 10000); $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("success"); + $("#bpOutput").html(""); } else { $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("error"); @@ -338,6 +339,7 @@ setHeader(); error: function(jqXHR, exception) { $("#bpOutput").removeClass("add"); $("#bpOutput").addClass("exception"); + $("#bpOutput").html(""); } }); } From d61fd01d61d95d86f79d1d041319adfc46c59c61 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 15:47:08 +1000 Subject: [PATCH 168/277] Split queryFunc() into query.sh Signed-off-by: Rob Gill --- advanced/query.sh | 220 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 220 insertions(+) create mode 100644 advanced/query.sh diff --git a/advanced/query.sh b/advanced/query.sh new file mode 100644 index 00000000..3bae7422 --- /dev/null +++ b/advanced/query.sh @@ -0,0 +1,220 @@ +#!/usr/bin/env bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2018 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Query Domain Lists +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# Globals +piholeDir="/etc/pihole" +adListsList="$piholeDir/adlists.list" +options="$*" +adlist="" +all="" +exact="" +blockpage="" +matchType="match" + +colfile="/opt/pihole/COL_TABLE" +source ${colfile} + +# Scan an array of files for matching strings +scanList(){ + # Escape full stops + local domain="${1//./\\.}" lists="${2}" type="${3:-}" + + # Prevent grep from printing file path + cd "$piholeDir" || exit 1 + + # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX + export LC_CTYPE=C + + # /dev/null forces filename to be printed when only one list has been generated + # shellcheck disable=SC2086 + case "${type}" in + "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; + "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; + * ) grep -i "${domain}" ${lists} /dev/null;; + esac +} + +if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then + echo "Usage: pihole -q [option] +Example: 'pihole -q -exact domain.com' +Query the adlists for a specified domain + +Options: + -adlist Print the name of the block list URL + -exact Search the block lists for exact domain matches + -all Return all query matches within a block list + -h, --help Show this help dialog" + exit 0 +fi + +if [[ ! -e "$adListsList" ]]; then + echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" + exit 1 +fi + +# Handle valid options +if [[ "${options}" == *"-bp"* ]]; then + exact="exact"; blockpage=true +else + [[ "${options}" == *"-adlist"* ]] && adlist=true + [[ "${options}" == *"-all"* ]] && all=true + if [[ "${options}" == *"-exact"* ]]; then + exact="exact"; matchType="exact ${matchType}" + fi +fi + +# Strip valid options, leaving only the domain and invalid options +# This allows users to place the options before or after the domain +options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") + +# Handle remaining options +# If $options contain non ASCII characters, convert to punycode +case "${options}" in + "" ) str="No domain specified";; + *" "* ) str="Unknown query option specified";; + *[![:ascii:]]* ) domainQuery=$(idn2 "${options}");; + * ) domainQuery="${options}";; +esac + +if [[ -n "${str:-}" ]]; then + echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information." + exit 1 +fi + +# Scan Whitelist and Blacklist +lists="whitelist.txt blacklist.txt" +mapfile -t results <<< "$(scanList "${domainQuery}" "${lists}" "${exact}")" + if [[ -n "${results[*]}" ]]; then + wbMatch=true + # Loop through each result in order to print unique file title once + for result in "${results[@]}"; do + fileName="${result%%.*}" + if [[ -n "${blockpage}" ]]; then + echo "π ${result}" + exit 0 + elif [[ -n "${exact}" ]]; then + echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" + else + # Only print filename title once per file + if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then + echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" + fileName_prev="${fileName}" + fi + echo " ${result#*:}" + fi + done +fi + +# Scan Wildcards +if [[ -e "${wildcardlist}" ]]; then + # Determine all subdomains, domain and TLDs + mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" + for match in "${wildcards[@]}"; do + # Search wildcard list for matches + mapfile -t results <<< "$(scanList "${match}" "${wildcardlist}" "wc")" + if [[ -n "${results[*]}" ]]; then + if [[ -z "${wcMatch:-}" ]] && [[ -z "${blockpage}" ]]; then + wcMatch=true + echo " ${matchType^} found in ${COL_BOLD}Wildcards${COL_NC}:" + fi + case "${blockpage}" in + true ) echo "π ${wildcardlist##*/}"; exit 0;; + * ) echo " *.${match}";; + esac + fi + done +fi + +# Get version sorted *.domains filenames (without dir path) +lists=("$(cd "$piholeDir" || exit 0; printf "%s\\n" -- *.domains | sort -V)") + +# Query blocklists for occurences of domain +mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")" + +# Handle notices +if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then + echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" + exit 0 +elif [[ -z "${results[*]}" ]]; then + # Result found in WL/BL/Wildcards + exit 0 +elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then + echo -e " ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} + This can be overridden using the -all option" + exit 0 +fi + +# Remove unwanted content from non-exact $results +if [[ -z "${exact}" ]]; then + # Delete lines starting with # + # Remove comments after domain + # Remove hosts format IP address + mapfile -t results <<< "$(IFS=$'\n'; sed \ + -e "/:#/d" \ + -e "s/[ \\t]#.*//g" \ + -e "s/:.*[ \\t]/:/g" \ + <<< "${results[*]}")" + # Exit if result was in a comment + [[ -z "${results[*]}" ]] && exit 0 +fi + +# Get adlist file content as array +if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then + for adlistUrl in $(< "adListsList"); do + if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then + adlists+=("${adlistUrl}") + fi + done +fi + +# Print "Exact matches for" title +if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then + plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es" + echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:" +fi + +for result in "${results[@]}"; do + fileName="${result/:*/}" + + # Determine *.domains URL using filename's number + if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then + fileNum="${fileName/list./}"; fileNum="${fileNum%%.*}" + fileName="${adlists[$fileNum]}" + + # Discrepency occurs when adlists has been modified, but Gravity has not been run + if [[ -z "${fileName}" ]]; then + fileName="${COL_LIGHT_RED}(no associated adlists URL found)${COL_NC}" + fi + fi + + if [[ -n "${blockpage}" ]]; then + echo "${fileNum} ${fileName}" + elif [[ -n "${exact}" ]]; then + echo " ${fileName}" + else + if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then + count="" + echo " ${matchType^} found in ${COL_BOLD}${fileName}${COL_NC}:" + fileName_prev="${fileName}" + fi + : $((count++)) + + # Print matching domain if $max_count has not been reached + [[ -z "${all}" ]] && max_count="50" + if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then + [[ "${count}" -gt "${max_count}" ]] && continue + echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}" + else + echo " ${result#*:}" + fi + fi +done + +exit 0 From b1207949ac00ea984f57b2b4b9b233a2b33e1db8 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 15:49:52 +1000 Subject: [PATCH 169/277] Call query.sh to replace queryFunc() Signed-off-by: Rob Gill --- pihole | 186 +-------------------------------------------------------- 1 file changed, 1 insertion(+), 185 deletions(-) diff --git a/pihole b/pihole index c125d0d9..b0cab88e 100755 --- a/pihole +++ b/pihole @@ -125,191 +125,7 @@ processWildcards() { queryFunc() { shift - local options="$*" adlist="" all="" exact="" blockpage="" matchType="match" - - if [[ "${options}" == "-h" ]] || [[ "${options}" == "--help" ]]; then - echo "Usage: pihole -q [option] -Example: 'pihole -q -exact domain.com' -Query the adlists for a specified domain - -Options: - -adlist Print the name of the block list URL - -exact Search the block lists for exact domain matches - -all Return all query matches within a block list - -h, --help Show this help dialog" - exit 0 - fi - - if [[ ! -e "/etc/pihole/adlists.list" ]]; then - echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" - exit 1 - fi - - # Handle valid options - if [[ "${options}" == *"-bp"* ]]; then - exact="exact"; blockpage=true - else - [[ "${options}" == *"-adlist"* ]] && adlist=true - [[ "${options}" == *"-all"* ]] && all=true - if [[ "${options}" == *"-exact"* ]]; then - exact="exact"; matchType="exact ${matchType}" - fi - fi - - # Strip valid options, leaving only the domain and invalid options - # This allows users to place the options before or after the domain - options=$(sed -E 's/ ?-(bp|adlists?|all|exact) ?//g' <<< "${options}") - - # Handle remaining options - # If $options contain non ASCII characters, convert to punycode - case "${options}" in - "" ) str="No domain specified";; - *" "* ) str="Unknown query option specified";; - *[![:ascii:]]* ) domainQuery=$(idn2 "${options}");; - * ) domainQuery="${options}";; - esac - - if [[ -n "${str:-}" ]]; then - echo -e "${str}${COL_NC}\\nTry 'pihole -q --help' for more information." - exit 1 - fi - - # Scan Whitelist and Blacklist - lists="whitelist.txt blacklist.txt" - mapfile -t results <<< "$(scanList "${domainQuery}" "${lists}" "${exact}")" - - if [[ -n "${results[*]}" ]]; then - wbMatch=true - - # Loop through each result in order to print unique file title once - for result in "${results[@]}"; do - fileName="${result%%.*}" - - if [[ -n "${blockpage}" ]]; then - echo "π ${result}" - exit 0 - elif [[ -n "${exact}" ]]; then - echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" - else - # Only print filename title once per file - if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then - echo " ${matchType^} found in ${COL_BOLD}${fileName^}${COL_NC}" - fileName_prev="${fileName}" - fi - echo " ${result#*:}" - fi - done - fi - - # Scan Wildcards - if [[ -e "${wildcardlist}" ]]; then - # Determine all subdomains, domain and TLDs - mapfile -t wildcards <<< "$(processWildcards "${domainQuery}")" - - for match in "${wildcards[@]}"; do - # Search wildcard list for matches - mapfile -t results <<< "$(scanList "${match}" "${wildcardlist}" "wc")" - - if [[ -n "${results[*]}" ]]; then - if [[ -z "${wcMatch:-}" ]] && [[ -z "${blockpage}" ]]; then - wcMatch=true - echo " ${matchType^} found in ${COL_BOLD}Wildcards${COL_NC}:" - fi - - case "${blockpage}" in - true ) echo "π ${wildcardlist##*/}"; exit 0;; - * ) echo " *.${match}";; - esac - fi - done - fi - - # Get version sorted *.domains filenames (without dir path) - lists=("$(cd "/etc/pihole" || exit 0; printf "%s\\n" -- *.domains | sort -V)") - - # Query blocklists for occurences of domain - mapfile -t results <<< "$(scanList "${domainQuery}" "${lists[*]}" "${exact}")" - - # Handle notices - if [[ -z "${wbMatch:-}" ]] && [[ -z "${wcMatch:-}" ]] && [[ -z "${results[*]}" ]]; then - echo -e " ${INFO} No ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} within the block lists" - exit 0 - elif [[ -z "${results[*]}" ]]; then - # Result found in WL/BL/Wildcards - exit 0 - elif [[ -z "${all}" ]] && [[ "${#results[*]}" -ge 100 ]]; then - echo -e " ${INFO} Over 100 ${exact/t/t }results found for ${COL_BOLD}${domainQuery}${COL_NC} - This can be overridden using the -all option" - exit 0 - fi - - # Remove unwanted content from non-exact $results - if [[ -z "${exact}" ]]; then - # Delete lines starting with # - # Remove comments after domain - # Remove hosts format IP address - mapfile -t results <<< "$(IFS=$'\n'; sed \ - -e "/:#/d" \ - -e "s/[ \\t]#.*//g" \ - -e "s/:.*[ \\t]/:/g" \ - <<< "${results[*]}")" - - # Exit if result was in a comment - [[ -z "${results[*]}" ]] && exit 0 - fi - - # Get adlist file content as array - if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - for adlistUrl in $(< "/etc/pihole/adlists.list"); do - if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then - adlists+=("${adlistUrl}") - fi - done - fi - - # Print "Exact matches for" title - if [[ -n "${exact}" ]] && [[ -z "${blockpage}" ]]; then - plural=""; [[ "${#results[*]}" -gt 1 ]] && plural="es" - echo " ${matchType^}${plural} for ${COL_BOLD}${domainQuery}${COL_NC} found in:" - fi - - for result in "${results[@]}"; do - fileName="${result/:*/}" - - # Determine *.domains URL using filename's number - if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - fileNum="${fileName/list./}"; fileNum="${fileNum%%.*}" - fileName="${adlists[$fileNum]}" - - # Discrepency occurs when adlists has been modified, but Gravity has not been run - if [[ -z "${fileName}" ]]; then - fileName="${COL_LIGHT_RED}(no associated adlists URL found)${COL_NC}" - fi - fi - - if [[ -n "${blockpage}" ]]; then - echo "${fileNum} ${fileName}" - elif [[ -n "${exact}" ]]; then - echo " ${fileName}" - else - if [[ ! "${fileName}" == "${fileName_prev:-}" ]]; then - count="" - echo " ${matchType^} found in ${COL_BOLD}${fileName}${COL_NC}:" - fileName_prev="${fileName}" - fi - : $((count++)) - - # Print matching domain if $max_count has not been reached - [[ -z "${all}" ]] && max_count="50" - if [[ -z "${all}" ]] && [[ "${count}" -ge "${max_count}" ]]; then - [[ "${count}" -gt "${max_count}" ]] && continue - echo " ${COL_GRAY}Over ${count} results found, skipping rest of file${COL_NC}" - else - echo " ${result#*:}" - fi - fi - done - + "${PI_HOLE_SCRIPT_DIR}"/query.sh "$@" exit 0 } From 45a8eda49b7d632ca4d6652558aa8d349fe2bbd3 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:08:21 +1000 Subject: [PATCH 170/277] Stop grep leak in query Fix grep error leak from #1805 Signed-off-by: Rob Gill --- advanced/{ => Scripts}/query.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename advanced/{ => Scripts}/query.sh (97%) diff --git a/advanced/query.sh b/advanced/Scripts/query.sh similarity index 97% rename from advanced/query.sh rename to advanced/Scripts/query.sh index 3bae7422..88118ee1 100644 --- a/advanced/query.sh +++ b/advanced/Scripts/query.sh @@ -35,9 +35,9 @@ scanList(){ # /dev/null forces filename to be printed when only one list has been generated # shellcheck disable=SC2086 case "${type}" in - "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; - "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; - * ) grep -i "${domain}" ${lists} /dev/null;; + "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null 2>/dev/null;; + "wc" ) grep -i -o -m 1 "/${domain}/" ${lists} 2>/dev/null;; + * ) grep -i "${domain}" ${lists} /dev/null 2>/dev/null;; esac } From 2255d05664d07c581ca3a81eb37e20cff9c95a19 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:09:49 +1000 Subject: [PATCH 171/277] Remove scanlist(), now in query.sh Signed-off-by: Rob Gill --- pihole | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/pihole b/pihole index b0cab88e..59ab760f 100755 --- a/pihole +++ b/pihole @@ -86,26 +86,6 @@ updateGravityFunc() { exit 0 } -# Scan an array of files for matching strings -scanList(){ - # Escape full stops - local domain="${1//./\\.}" lists="${2}" type="${3:-}" - - # Prevent grep from printing file path - cd "/etc/pihole" || exit 1 - - # Prevent grep -i matching slowly: http://bit.ly/2xFXtUX - export LC_CTYPE=C - - # /dev/null forces filename to be printed when only one list has been generated - # shellcheck disable=SC2086 - case "${type}" in - "exact" ) grep -i -E -l "(^|\\s)${domain}($|\\s|#)" ${lists} /dev/null;; - "wc" ) grep -i -o -m 1 "/${domain}/" ${lists};; - * ) grep -i "${domain}" ${lists} /dev/null;; - esac -} - # Print each subdomain # e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" processWildcards() { From b8e1849cec356d2ccfa5a9cd519636dd8858daa6 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:19:07 +1000 Subject: [PATCH 172/277] wildcardlist Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 88118ee1..8b570ffe 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -11,6 +11,7 @@ # Globals piholeDir="/etc/pihole" adListsList="$piholeDir/adlists.list" +wildcardlist="/etc/dnsmasq.d/03-pihole-wildcard.conf" options="$*" adlist="" all="" @@ -19,7 +20,7 @@ blockpage="" matchType="match" colfile="/opt/pihole/COL_TABLE" -source ${colfile} +source "$colfile" # Scan an array of files for matching strings scanList(){ From 8ab0b0e46073c6e06e03745113484d422bdf6afc Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:25:43 +1000 Subject: [PATCH 173/277] colfile Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 8b570ffe..42f9c895 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -20,7 +20,7 @@ blockpage="" matchType="match" colfile="/opt/pihole/COL_TABLE" -source "$colfile" +source "${colfile}" # Scan an array of files for matching strings scanList(){ From bf5566649251273f5be5a25593c40f73dfaa7c1d Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Wed, 13 Jun 2018 16:29:07 +1000 Subject: [PATCH 174/277] Appease stickler. Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 42f9c895..e1cd6457 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -1,4 +1,5 @@ #!/usr/bin/env bash +# shellcheck disable=SC1090 # Pi-hole: A black hole for Internet advertisements # (c) 2018 Pi-hole, LLC (https://pi-hole.net) # Network-wide ad blocking via your own hardware. From a7347238e6b22a9b78addef55809d59be7ca9e65 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 15 Jun 2018 14:42:30 +1000 Subject: [PATCH 175/277] $adListsList replace filename in text Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index e1cd6457..f9d25511 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -57,7 +57,7 @@ Options: fi if [[ ! -e "$adListsList" ]]; then - echo -e "${COL_LIGHT_RED}The file '/etc/pihole/adlists.list' was not found${COL_NC}" + echo -e "${COL_LIGHT_RED}The file "$adListsList" was not found${COL_NC}" exit 1 fi From 23adbf9540dbe1034a87d81adc15d7b03f609a51 Mon Sep 17 00:00:00 2001 From: Rob Gill Date: Fri, 15 Jun 2018 14:45:27 +1000 Subject: [PATCH 176/277] remove quotes Signed-off-by: Rob Gill --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index f9d25511..5dc80f6b 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -57,7 +57,7 @@ Options: fi if [[ ! -e "$adListsList" ]]; then - echo -e "${COL_LIGHT_RED}The file "$adListsList" was not found${COL_NC}" + echo -e "${COL_LIGHT_RED}The file $adListsList was not found${COL_NC}" exit 1 fi From a7c73036f0b7801feea2b643221d420caec84282 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 13:37:41 +0200 Subject: [PATCH 177/277] pihole -t: Warn user if Pi-hole's logging is disabled Signed-off-by: DL6ER --- pihole | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pihole b/pihole index 59ab760f..21329849 100755 --- a/pihole +++ b/pihole @@ -312,6 +312,13 @@ statusFunc() { } tailFunc() { + # Warn user if Pi-hole's logging is disabled + local logging_enabled=$(grep -c "^log-queries" /etc/dnsmasq.d/01-pihole.conf) + if [[ "${logging_enabled}" == "0" ]]; then + # No "log-queries" lines are found. + # Commented out lines (such as "#log-queries") are ignored + echo " ${CROSS} Warning: Query logging is disabled" + fi echo -e " ${INFO} Press Ctrl-C to exit" # Retrieve IPv4/6 addresses From bc705aac039ba7c3fbfcd0aa73b0d991db2b8a14 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:26:57 +0200 Subject: [PATCH 178/277] Add automated wildcard list -> regex filter conversion Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 18 ++++++++++++++++++ gravity.sh | 17 ++++++++--------- 2 files changed, 26 insertions(+), 9 deletions(-) create mode 100644 advanced/Scripts/wildcard_regex_converter.sh diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh new file mode 100644 index 00000000..e862f391 --- /dev/null +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" + +convert_wildcard_to_regex() { + if [ ! -f "${wildcardFile}" ]; then + return + fi + local addrlines domains uniquedomains + # Obtain wildcard domains from old file + addrlines="$(grep -oE "/.*/" ${wildcardFile})" + # Strip "/" from domain names + domains="$(sed 's/\///g;' <<< "${addrlines}")" + # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) + uniquedomains="$(uniq <<< "${domains}")" + # Automatically generate regex filters and remove old wildcards file + awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile}" && rm "${wildcardFile}" +} diff --git a/gravity.sh b/gravity.sh index 58419029..0f64be68 100755 --- a/gravity.sh +++ b/gravity.sh @@ -15,6 +15,8 @@ export LC_ALL=C coltable="/opt/pihole/COL_TABLE" source "${coltable}" +regexconverter="/opt/pihole/wildcard_regex_converter.sh" +source "${regexconverter}" basename="pihole" PIHOLE_COMMAND="/usr/local/bin/${basename}" @@ -26,7 +28,7 @@ adListDefault="${piholeDir}/adlists.default" whitelistFile="${piholeDir}/whitelist.txt" blacklistFile="${piholeDir}/blacklist.txt" -wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" +regexFile="${piholeDir}/regex.list" adList="${piholeDir}/gravity.list" blackList="${piholeDir}/black.list" @@ -453,7 +455,7 @@ gravity_Whitelist() { echo -e "${OVER} ${INFO} ${str}" } -# Output count of blacklisted domains and wildcards +# Output count of blacklisted domains and regex filters gravity_ShowBlockCount() { local num @@ -462,13 +464,9 @@ gravity_ShowBlockCount() { echo -e " ${INFO} Number of blacklisted domains: ${num}" fi - if [[ -f "${wildcardFile}" ]]; then - num=$(grep -c "^" "${wildcardFile}") - # If IPv4 and IPv6 is used, divide total wildcard count by 2 - if [[ -n "${IPV4_ADDRESS}" ]] && [[ -n "${IPV6_ADDRESS}" ]];then - num=$(( num/2 )) - fi - echo -e " ${INFO} Number of wildcard blocked domains: ${num}" + if [[ -f "${regexFile}" ]]; then + num=$(grep -c "^" "${regexFile}") + echo -e " ${INFO} Number of regex filters: ${num}" fi } @@ -646,6 +644,7 @@ if [[ "${skipDownload}" == false ]] || [[ "${listType}" == "whitelist" ]]; then gravity_Whitelist fi +convert_wildcard_to_regex gravity_ShowBlockCount # Perform when downloading blocklists, or modifying the white/blacklist (not wildcards) From cd026cd865603bac7ca0e1b88b7e1bce5556c556 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:43:33 +0200 Subject: [PATCH 179/277] Add comment where regexList is defined Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index e862f391..7c80d07e 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -1,4 +1,14 @@ #!/bin/bash +# Pi-hole: A black hole for Internet advertisements +# (c) 2017 Pi-hole, LLC (https://pi-hole.net) +# Network-wide ad blocking via your own hardware. +# +# Provides an automated migration subroutine to convert Pi-hole v3.x wildcard domains to Pi-hole v4.x regex filters +# +# This file is copyright under the latest version of the EUPL. +# Please see LICENSE file for your rights under this license. + +# regexFile set in gravity.sh wildcardFile="/etc/dnsmasq.d/03-pihole-wildcard.conf" From c7afe3e9a4a5728faf3c61722609b66d885be8b8 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:46:26 +0200 Subject: [PATCH 180/277] Please stickler by making clear that the variable regexFile is declared outside of this routine Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index 7c80d07e..46c5e952 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -24,5 +24,5 @@ convert_wildcard_to_regex() { # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) uniquedomains="$(uniq <<< "${domains}")" # Automatically generate regex filters and remove old wildcards file - awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile}" && rm "${wildcardFile}" + awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" } From 2809579dd736dfe5f5a5273c55777baf59e3eb8e Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 17 Jun 2018 14:59:21 +0200 Subject: [PATCH 181/277] Refine regex filter generation Signed-off-by: DL6ER --- advanced/Scripts/wildcard_regex_converter.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/wildcard_regex_converter.sh b/advanced/Scripts/wildcard_regex_converter.sh index 46c5e952..d8ebeeb8 100644 --- a/advanced/Scripts/wildcard_regex_converter.sh +++ b/advanced/Scripts/wildcard_regex_converter.sh @@ -19,10 +19,10 @@ convert_wildcard_to_regex() { local addrlines domains uniquedomains # Obtain wildcard domains from old file addrlines="$(grep -oE "/.*/" ${wildcardFile})" - # Strip "/" from domain names - domains="$(sed 's/\///g;' <<< "${addrlines}")" + # Strip "/" from domain names and convert "." to regex-compatible "\." + domains="$(sed 's/\///g;s/\./\\./g' <<< "${addrlines}")" # Remove repeated domains (may have been inserted two times due to A and AAAA blocking) uniquedomains="$(uniq <<< "${domains}")" # Automatically generate regex filters and remove old wildcards file - awk '{print "(^)|(\\.)"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" + awk '{print "((^)|(\\.))"$0"$"}' <<< "${uniquedomains}" >> "${regexFile:?}" && rm "${wildcardFile}" } From e71492a2b3995cb123fe0266438be5d571da54f4 Mon Sep 17 00:00:00 2001 From: Mark Drobnak Date: Wed, 20 Jun 2018 20:19:38 -0400 Subject: [PATCH 182/277] Update debug script for simple list format Gravity is now just a list of domains, not IP addresses and domains separated by a space. Signed-off-by: Mcat12 --- advanced/Scripts/piholeDebug.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index a7fa4c2a..cffbfe82 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -780,7 +780,7 @@ dig_at() { # Find a random blocked url that has not been whitelisted. # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains - local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}" | awk -F ' ' '{ print $2 }') + local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then From 868948509a4a7b70feff67537f709eb933cfc33c Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Wed, 20 Jun 2018 20:30:42 -0400 Subject: [PATCH 183/277] Split declaration and assignment of random_url Signed-off-by: Mcat12 --- advanced/Scripts/piholeDebug.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index cffbfe82..2f2b3745 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -780,7 +780,8 @@ dig_at() { # Find a random blocked url that has not been whitelisted. # This helps emulate queries to different domains that a user might query # It will also give extra assurance that Pi-hole is correctly resolving and blocking domains - local random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") + local random_url + random_url=$(shuf -n 1 "${PIHOLE_BLOCKLIST_FILE}") # First, do a dig on localhost to see if Pi-hole can use itself to block a domain if local_dig=$(dig +tries=1 +time=2 -"${protocol}" "${random_url}" @${local_address} +short "${record_type}"); then From d5547f5c7c6eb450a85fde721579ac3835bad50c Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sun, 24 Jun 2018 16:06:55 -0700 Subject: [PATCH 184/277] Revert "Fix error: /opt/pihole/gravity.sh: 385: Warning: command substitution: ignored null byte in input" --- gravity.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index ade27b8a..dfcb753a 100755 --- a/gravity.sh +++ b/gravity.sh @@ -387,8 +387,9 @@ gravity_ConsolidateDownloadedBlocklists() { if [[ -r "${i}" ]]; then # Remove windows CRs from file, convert list to lower case, and append into $matterAndLight tr -d '\r' < "${i}" | tr '[:upper:]' '[:lower:]' >> "${piholeDir}/${matterAndLight}" + # Ensure that the first line of a new list is on a new line - IFS= read -r -d '' lastLine <"${piholeDir}/${matterAndLight}" || [[ $lastLine ]] + lastLine=$(tail -1 "${piholeDir}/${matterAndLight}") if [[ "${#lastLine}" -gt 0 ]]; then echo "" >> "${piholeDir}/${matterAndLight}" fi From 9d3d33b6a276a7c94159b4f20429956615362093 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 26 Jun 2018 00:09:30 -0600 Subject: [PATCH 185/277] add tests for selinux checking Signed-off-by: bcambl --- .gitignore | 1 + test/test_automated_install.py | 50 ++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) diff --git a/.gitignore b/.gitignore index 73f14ae3..91bb6aff 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,7 @@ *.swp __pycache__ .cache +.pytest_cache # Created by https://www.gitignore.io/api/jetbrains+iml diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 2c65c660..684b7004 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -173,6 +173,56 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls +def test_selinux_enforcing_default_exit(Pihole): + ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + # Whiptail dialog returns Cancel for user prompt + mock_command('whiptail', {'*':('', '1')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout + assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout + assert check_selinux.rc == 1 + +def test_selinux_enforcing_continue(Pihole): + ''' confirms installer prompts to continue with custom policy warning ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + # Whiptail dialog returns Cancel for user prompt + mock_command('whiptail', {'*':('', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout + assert info_box + ' Continuing installation with SELinux Enforcing' in check_selinux.stdout + assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout + assert check_selinux.rc == 0 + +def test_selinux_permissive(Pihole): + ''' confirms installer continues when SELinux is Permissive ''' + # getenforce returns the running state of SELinux + mock_command('getenforce', {'*':('Permissive', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout + assert check_selinux.rc == 0 + +def test_selinux_disabled(Pihole): + ''' confirms installer continues when SELinux is Disabled ''' + mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) + check_selinux = Pihole.run(''' + source /opt/pihole/basic-install.sh + checkSelinux + ''') + assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout + assert check_selinux.rc == 0 + def test_installPiholeWeb_fresh_install_no_errors(Pihole): ''' confirms all web page assets from Core repo are installed on a fresh build ''' installWeb = Pihole.run(''' From b74fb3f179f6cc29f71d7284a86e9b4e1ea64134 Mon Sep 17 00:00:00 2001 From: Andrew Janke Date: Fri, 29 Jun 2018 00:28:43 +1000 Subject: [PATCH 186/277] typo fix --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 3152d9c1..2be62865 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -850,7 +850,7 @@ setDNS() { fi # Dialog for the user to enter custom upstream servers - piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), seperated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ + piholeDNS=$(whiptail --backtitle "Specify Upstream DNS Provider(s)" --inputbox "Enter your desired upstream DNS provider(s), separated by a comma.\\n\\nFor example '8.8.8.8, 8.8.4.4'" ${r} ${c} "${prePopulate}" 3>&1 1>&2 2>&3) || \ { echo -e " ${COL_LIGHT_RED}Cancel was selected, exiting installer${COL_NC}"; exit 1; } # PIHOLE_DNS_1=$(echo "${piholeDNS}" | sed 's/[, \t]\+/,/g' | awk -F, '{print$1}') From 55175087c4738063b2c778befbc6517bd74c6c14 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 22:52:44 -0400 Subject: [PATCH 187/277] Set regex file permissions for web access Signed-off-by: Mcat12 --- gravity.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gravity.sh b/gravity.sh index 0f64be68..aaab6237 100755 --- a/gravity.sh +++ b/gravity.sh @@ -644,6 +644,11 @@ if [[ "${skipDownload}" == false ]] || [[ "${listType}" == "whitelist" ]]; then gravity_Whitelist fi +# Set proper permissions on the regex file +touch "${regexFile}" +chown pihole:www-data "${regexFile}" +chmod 664 "${regexFile}" + convert_wildcard_to_regex gravity_ShowBlockCount From cffb4de83b99361a46ced3ba33253fe69c987075 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 22:59:15 -0400 Subject: [PATCH 188/277] Use strict grep instead of regex for duplicates Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index a54d7dc8..3a9c8ece 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -133,7 +133,7 @@ AddDomain() { bool=true # Is the domain in the list? # Search only for exactly matching lines - grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false + grep -Fx "${domain}" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == false ]]; then if [[ "${verbose}" == true ]]; then @@ -177,7 +177,7 @@ RemoveDomain() { [[ -z "${type}" ]] && type="--wildcard-only" bool=true # Is it in the list? - grep -E "^${domain}$" "${regexlist}" > /dev/null 2>&1 || bool=false + grep -Fx "${domain}" "${regexlist}" > /dev/null 2>&1 || bool=false if [[ "${bool}" == true ]]; then # Remove it from the other one echo -e " ${INFO} Removing $1 from regex list..." From 8435eeed4dc5b7bf62dd56a8db3c0760e78afd90 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Thu, 28 Jun 2018 23:21:01 -0400 Subject: [PATCH 189/277] Don't validate regex domains Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 3a9c8ece..04eed7db 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -66,10 +66,14 @@ HandleOther() { # Convert to lowercase domain="${1,,}" - # Check validity of domain + # Check validity of domain (don't check for regex entries) if [[ "${#domain}" -le 253 ]]; then - validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check - validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + if [[ "${listMain}" == "${regexlist}" ]]; then + validDomain="" + else + validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check + validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + fi fi if [[ -n "${validDomain}" ]]; then From 4a953b66e0e989307dcfd1114cd06b8f1f242ffa Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 22:51:37 -0400 Subject: [PATCH 190/277] Make removing regex domains work correctly Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 04eed7db..38eea69f 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -69,7 +69,7 @@ HandleOther() { # Check validity of domain (don't check for regex entries) if [[ "${#domain}" -le 253 ]]; then if [[ "${listMain}" == "${regexlist}" ]]; then - validDomain="" + validDomain="${domain}" else validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label @@ -185,8 +185,9 @@ RemoveDomain() { if [[ "${bool}" == true ]]; then # Remove it from the other one echo -e " ${INFO} Removing $1 from regex list..." - # /I flag: search case-insensitive - sed -i "/${domain}/Id" "${list}" + local lineNumber + lineNumber=$(grep -Fnx "$1" "${list}" | cut -f1 -d:) + sed -i "${lineNumber}d" "${list}" reload=true else if [[ "${verbose}" == true ]]; then From 0decc37b5ad7371f5faa0c4cd1012e8ddab3b9f9 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 22:55:00 -0400 Subject: [PATCH 191/277] Appease stickler Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index 38eea69f..b2a15434 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -71,8 +71,8 @@ HandleOther() { if [[ "${listMain}" == "${regexlist}" ]]; then validDomain="${domain}" else - validDomain=$(grep -P "^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$" <<< "${domain}") # Valid chars check - validDomain=$(grep -P "^[^\.]{1,63}(\.[^\.]{1,63})*$" <<< "${validDomain}") # Length of each label + validDomain=$(grep -P "^((-|_)*[a-z\\d]((-|_)*[a-z\\d])*(-|_)*)(\\.(-|_)*([a-z\\d]((-|_)*[a-z\\d])*))*$" <<< "${domain}") # Valid chars check + validDomain=$(grep -P "^[^\\.]{1,63}(\\.[^\\.]{1,63})*$" <<< "${validDomain}") # Length of each label fi fi From 3077c22e4fa9cd7ebf69f759df3f70e03d53e67e Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 23:10:49 -0400 Subject: [PATCH 192/277] Change help strings from wildcard to regex blacklist Signed-off-by: Mcat12 --- advanced/Scripts/list.sh | 2 +- pihole | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/list.sh b/advanced/Scripts/list.sh index b2a15434..bd80c3d8 100755 --- a/advanced/Scripts/list.sh +++ b/advanced/Scripts/list.sh @@ -33,7 +33,7 @@ helpFunc() { type="white" elif [[ "${listMain}" == "${regexlist}" ]]; then param="wild" - type="wildcard black" + type="regex black" else param="b" type="black" diff --git a/pihole b/pihole index b3f532af..8cda6938 100755 --- a/pihole +++ b/pihole @@ -599,7 +599,7 @@ Add '-h' after specific commands for more information on usage Whitelist/Blacklist Options: -w, whitelist Whitelist domain(s) -b, blacklist Blacklist domain(s) - -wild, wildcard Blacklist domain(s), and all its subdomains + -wild, wildcard Regex blacklist domain(s) Add '-h' for more info on whitelist/blacklist usage Debugging Options: From 61f0cbe10a1bd9f61b4f9307a2d4d41c765bc278 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Fri, 29 Jun 2018 23:34:15 -0400 Subject: [PATCH 193/277] Update pihole man page for regex Signed-off-by: Mcat12 --- manpages/pihole.8 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/manpages/pihole.8 b/manpages/pihole.8 index 54bf4a31..76ca0c7c 100644 --- a/manpages/pihole.8 +++ b/manpages/pihole.8 @@ -68,7 +68,7 @@ Available commands and options: \fB-wild, wildcard\fR [options] [ ] .br - Add or removes specified domain, and all subdomains to the blacklist + Add or removes specified regex pattern to the regex blacklist .br (Whitelist/Blacklist manipulation options): @@ -167,9 +167,9 @@ Available commands and options: Show a help dialog .br -\fB-l, logging\fR [on|off|off noflush] +\fB-l, logging\fR [on|off|off noflush] .br - Specify whether the Pi-hole log should be used + Specify whether the Pi-hole log should be used .br (Logging options): @@ -193,7 +193,7 @@ Available commands and options: .br Show installed versions of Pi-hole, Web Interface & FTL .br - + .br (repo options): .br @@ -232,7 +232,7 @@ Available commands and options: Disable Pi-hole subsystems, optionally for a set duration .br - (time options): + (time options): .br #s Disable Pi-hole functionality for # second(s) .br @@ -275,9 +275,9 @@ Some usage examples \fBpihole -w iloveads.example.com\fR Add "iloveads.example.com" to whitelist .br - \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist + \fBpihole -b -d noads.example.com\fR Remove "noads.example.com" from blacklist .br - \fBpihole -wild example.com\fR Add "example.com" as wildcard - would block ads.example.com, www.example.com etc. + \fBpihole -wild ^example.*$\fR Add "^example.*$" as a regex pattern - would block all domains starting with "example" .br Changing the Web Interface password From f8680520629692a35096e60f8cf8da2d219d8653 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 30 Jun 2018 15:50:43 -0400 Subject: [PATCH 194/277] Fix incorrect variable string substitution Signed-off-by: Mcat12 --- advanced/Scripts/query.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 5dc80f6b..e36a9d2b 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -169,7 +169,7 @@ fi # Get adlist file content as array if [[ -n "${adlist}" ]] || [[ -n "${blockpage}" ]]; then - for adlistUrl in $(< "adListsList"); do + for adlistUrl in $(< "${adListsList}"); do if [[ "${adlistUrl:0:4}" =~ (http|www.) ]]; then adlists+=("${adlistUrl}") fi From 4763969c8f4a2651995cb4dc55b87e6159ea08ea Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 30 Jun 2018 22:03:53 -0400 Subject: [PATCH 195/277] Move processWildcards to query.sh Closes #2255 Signed-off-by: Mcat12 --- advanced/Scripts/query.sh | 17 +++++++++++++++++ pihole | 17 ----------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index e36a9d2b..6bd37079 100644 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -23,6 +23,23 @@ matchType="match" colfile="/opt/pihole/COL_TABLE" source "${colfile}" +# Print each subdomain +# e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" +processWildcards() { + IFS="." read -r -a array <<< "${1}" + for (( i=${#array[@]}-1; i>=0; i-- )); do + ar="" + for (( j=${#array[@]}-1; j>${#array[@]}-i-2; j-- )); do + if [[ $j == $((${#array[@]}-1)) ]]; then + ar="${array[$j]}" + else + ar="${array[$j]}.${ar}" + fi + done + echo "${ar}" + done +} + # Scan an array of files for matching strings scanList(){ # Escape full stops diff --git a/pihole b/pihole index 21329849..0ee0c22f 100755 --- a/pihole +++ b/pihole @@ -86,23 +86,6 @@ updateGravityFunc() { exit 0 } -# Print each subdomain -# e.g: foo.bar.baz.com = "foo.bar.baz.com bar.baz.com baz.com com" -processWildcards() { - IFS="." read -r -a array <<< "${1}" - for (( i=${#array[@]}-1; i>=0; i-- )); do - ar="" - for (( j=${#array[@]}-1; j>${#array[@]}-i-2; j-- )); do - if [[ $j == $((${#array[@]}-1)) ]]; then - ar="${array[$j]}" - else - ar="${array[$j]}.${ar}" - fi - done - echo "${ar}" - done -} - queryFunc() { shift "${PI_HOLE_SCRIPT_DIR}"/query.sh "$@" From 7ddae8f2eb94fa751b346c24d8c256706f81ba0f Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Mon, 2 Jul 2018 19:59:22 +1000 Subject: [PATCH 196/277] Treat URLs without a protocol as HTTP Signed off by WaLLy3K --- gravity.sh | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/gravity.sh b/gravity.sh index dfcb753a..b7089ed1 100755 --- a/gravity.sh +++ b/gravity.sh @@ -218,8 +218,15 @@ gravity_DownloadBlocklistFromUrl() { httpCode=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w "%{http_code}" -A "${agent}" "${url}" -o "${patternBuffer}" 2> /dev/null) case $url in + # Did we "download" a local file? + "file"*) + if [[ -s "${patternBuffer}" ]]; then + echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true + else + echo -e "${OVER} ${CROSS} ${str} Not found / empty list" + fi;; # Did we "download" a remote file? - "http"*) + *) # Determine "Status:" output based on HTTP response case "${httpCode}" in "200") echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true;; @@ -233,16 +240,8 @@ gravity_DownloadBlocklistFromUrl() { "504") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Gateway)";; "521") echo -e "${OVER} ${CROSS} ${str} Web Server Is Down (Cloudflare)";; "522") echo -e "${OVER} ${CROSS} ${str} Connection Timed Out (Cloudflare)";; - * ) echo -e "${OVER} ${CROSS} ${str} ${httpCode}";; + * ) echo -e "${OVER} ${CROSS} ${str} ${url} (${httpCode})";; esac;; - # Did we "download" a local file? - "file"*) - if [[ -s "${patternBuffer}" ]]; then - echo -e "${OVER} ${TICK} ${str} Retrieval successful"; success=true - else - echo -e "${OVER} ${CROSS} ${str} Not found / empty list" - fi;; - *) echo -e "${OVER} ${CROSS} ${str} ${url} ${httpCode}";; esac # Determine if the blocklist was downloaded and saved correctly From 4468d81472cf43cb4d83909d3ca642499b6660a2 Mon Sep 17 00:00:00 2001 From: bcambl Date: Mon, 2 Jul 2018 14:54:19 -0600 Subject: [PATCH 197/277] python linting: 2 lines prior to defs (E302) Signed-off-by: bcambl --- test/conftest.py | 6 ++++++ test/test_000_build_containers.py | 1 + test/test_automated_install.py | 33 +++++++++++++++++++++++++++++++ test/test_shellcheck.py | 1 + 4 files changed, 41 insertions(+) diff --git a/test/conftest.py b/test/conftest.py index 5960cc24..44e0a4a4 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -5,6 +5,7 @@ check_output = testinfra.get_backend( "local://" ).get_module("Command").check_output + @pytest.fixture def Pihole(Docker): ''' used to contain some script stubbing, now pretty much an alias. @@ -25,6 +26,7 @@ def Pihole(Docker): Docker.run = funcType(run_bash, Docker, testinfra.backend.docker.DockerBackend) return Docker + @pytest.fixture def Docker(request, args, image, cmd): ''' combine our fixtures into a docker run command and setup finalizer to cleanup ''' @@ -40,21 +42,25 @@ def Docker(request, args, image, cmd): docker_container.id = docker_id return docker_container + @pytest.fixture def args(request): ''' -t became required when tput began being used ''' return '-t -d' + @pytest.fixture(params=['debian', 'centos']) def tag(request): ''' consumed by image to make the test matrix ''' return request.param + @pytest.fixture() def image(request, tag): ''' built by test_000_build_containers.py ''' return 'pytest_pihole:{}'.format(tag) + @pytest.fixture() def cmd(request): ''' default to doing nothing by tailing null, but don't exit ''' diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index c617f3ae..725136d8 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -6,6 +6,7 @@ run_local = testinfra.get_backend( "local://" ).get_module("Command").run + @pytest.mark.parametrize("image,tag", [ ( 'test/debian.Dockerfile', 'pytest_pihole:debian' ), ( 'test/centos.Dockerfile', 'pytest_pihole:centos' ), diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 684b7004..f7b8702d 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -13,6 +13,7 @@ tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") cross_box="[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") info_box="[i]".decode("utf-8") + def test_setupVars_are_sourced_to_global_scope(Pihole): ''' currently update_dialogs sources setupVars with a dot, then various other functions use the variables. @@ -46,6 +47,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): for k,v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output + def test_setupVars_saved_to_file(Pihole): ''' confirm saved settings are written to a file for future updates to re-use ''' set_setup_vars = '\n' # dedent works better with this and padding matching script below @@ -70,6 +72,7 @@ def test_setupVars_saved_to_file(Pihole): for k,v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output + def test_configureFirewall_firewalld_running_no_errors(Pihole): ''' confirms firewalld rules are applied when firewallD is running ''' # firewallD returns 'running' as status @@ -87,6 +90,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls assert 'firewall-cmd --reload' in firewall_calls + def test_configureFirewall_firewalld_disabled_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is not running ''' # firewallD returns non-running status @@ -98,6 +102,7 @@ def test_configureFirewall_firewalld_disabled_no_errors(Pihole): expected_stdout = 'No active firewall detected.. skipping firewall configuration' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' # firewallD returns running status @@ -111,6 +116,7 @@ def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): expected_stdout = 'Not installing firewall rulesets.' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_no_firewall(Pihole): ''' confirms firewall skipped no daemon is running ''' configureFirewall = Pihole.run(''' @@ -120,6 +126,7 @@ def test_configureFirewall_no_firewall(Pihole): expected_stdout = 'No active firewall detected' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' # iptables command exists @@ -135,6 +142,7 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): expected_stdout = 'Not installing firewall rulesets.' assert expected_stdout in configureFirewall.stdout + def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' # iptables command exists and returns 0 on calls (should return 0 on iptables -C) @@ -154,6 +162,7 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' not in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' not in firewall_calls + def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) @@ -173,6 +182,7 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls + def test_selinux_enforcing_default_exit(Pihole): ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' # getenforce returns the running state of SELinux @@ -187,6 +197,7 @@ def test_selinux_enforcing_default_exit(Pihole): assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout assert check_selinux.rc == 1 + def test_selinux_enforcing_continue(Pihole): ''' confirms installer prompts to continue with custom policy warning ''' # getenforce returns the running state of SELinux @@ -202,6 +213,7 @@ def test_selinux_enforcing_continue(Pihole): assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout assert check_selinux.rc == 0 + def test_selinux_permissive(Pihole): ''' confirms installer continues when SELinux is Permissive ''' # getenforce returns the running state of SELinux @@ -213,6 +225,7 @@ def test_selinux_permissive(Pihole): assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout assert check_selinux.rc == 0 + def test_selinux_disabled(Pihole): ''' confirms installer continues when SELinux is Disabled ''' mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) @@ -223,6 +236,7 @@ def test_selinux_disabled(Pihole): assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout assert check_selinux.rc == 0 + def test_installPiholeWeb_fresh_install_no_errors(Pihole): ''' confirms all web page assets from Core repo are installed on a fresh build ''' installWeb = Pihole.run(''' @@ -238,6 +252,7 @@ def test_installPiholeWeb_fresh_install_no_errors(Pihole): assert 'index.php' in web_directory assert 'blockingpage.css' in web_directory + def test_update_package_cache_success_no_errors(Pihole): ''' confirms package cache was updated without any errors''' updateCache = Pihole.run(''' @@ -248,6 +263,7 @@ def test_update_package_cache_success_no_errors(Pihole): assert tick_box + ' Update local cache of available packages' in updateCache.stdout assert 'Error: Unable to update package cache.' not in updateCache.stdout + def test_update_package_cache_failure_no_errors(Pihole): ''' confirms package cache was not updated''' mock_command('apt-get', {'update':('', '1')}, Pihole) @@ -259,6 +275,7 @@ def test_update_package_cache_failure_no_errors(Pihole): assert cross_box + ' Update local cache of available packages' in updateCache.stdout assert 'Error: Unable to update package cache.' in updateCache.stdout + def test_FTL_detect_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return aarch64 platform @@ -276,6 +293,7 @@ def test_FTL_detect_aarch64_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_armv6l_no_errors(Pihole): ''' confirms only armv6l package is downloaded for FTL engine ''' # mock uname to return armv6l platform @@ -293,6 +311,7 @@ def test_FTL_detect_armv6l_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_armv7l_no_errors(Pihole): ''' confirms only armv7l package is downloaded for FTL engine ''' # mock uname to return armv7l platform @@ -310,6 +329,7 @@ def test_FTL_detect_armv7l_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_x86_64_no_errors(Pihole): ''' confirms only x86_64 package is downloaded for FTL engine ''' detectPlatform = Pihole.run(''' @@ -323,6 +343,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole): expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout + def test_FTL_detect_unknown_no_errors(Pihole): ''' confirms only generic package is downloaded for FTL engine ''' # mock uname to return generic platform @@ -334,6 +355,7 @@ def test_FTL_detect_unknown_no_errors(Pihole): expected_stdout = 'Not able to detect architecture (unknown: mips)' assert expected_stdout in detectPlatform.stdout + def test_FTL_download_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return generic platform @@ -348,6 +370,7 @@ def test_FTL_download_aarch64_no_errors(Pihole): error = 'Error: URL not found' assert error not in download_binary.stdout + def test_FTL_download_unknown_fails_no_errors(Pihole): ''' confirms unknown binary is not downloaded for FTL engine ''' # mock uname to return generic platform @@ -360,6 +383,7 @@ def test_FTL_download_unknown_fails_no_errors(Pihole): error = 'Error: URL not found' assert error in download_binary.stdout + def test_FTL_binary_installed_and_responsive_no_errors(Pihole): ''' confirms FTL binary is copied and functional in installed location ''' installed_binary = Pihole.run(''' @@ -370,6 +394,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): expected_stdout = 'v' assert expected_stdout in installed_binary.stdout + # def test_FTL_support_files_installed(Pihole): # ''' confirms FTL support files are installed ''' # support_files = Pihole.run(''' @@ -384,6 +409,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): # assert '644 /run/pihole-FTL.pid' in support_files.stdout # assert '644 /var/log/pihole-FTL.log' in support_files.stdout + def test_IPv6_only_link_local(Pihole): ''' confirms IPv6 blocking is disabled for Link-local address ''' # mock ip -6 address to return Link-local address @@ -395,6 +421,7 @@ def test_IPv6_only_link_local(Pihole): expected_stdout = 'Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled' assert expected_stdout in detectPlatform.stdout + def test_IPv6_only_ULA(Pihole): ''' confirms IPv6 blocking is enabled for ULA addresses ''' # mock ip -6 address to return ULA address @@ -406,6 +433,7 @@ def test_IPv6_only_ULA(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_only_GUA(Pihole): ''' confirms IPv6 blocking is enabled for GUA addresses ''' # mock ip -6 address to return GUA address @@ -417,6 +445,7 @@ def test_IPv6_only_GUA(Pihole): expected_stdout = 'Found IPv6 GUA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_GUA_ULA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return GUA and ULA addresses @@ -428,6 +457,7 @@ def test_IPv6_GUA_ULA_test(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + def test_IPv6_ULA_GUA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return ULA and GUA addresses @@ -439,6 +469,7 @@ def test_IPv6_ULA_GUA_test(Pihole): expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout + # Helper functions def mock_command(script, args, container): ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' @@ -461,6 +492,7 @@ def mock_command(script, args, container): chmod +x {script} rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + def mock_command_2(script, args, container): ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' full_script_path = '/usr/local/bin/{}'.format(script) @@ -482,6 +514,7 @@ def mock_command_2(script, args, container): chmod +x {script} rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + def run_script(Pihole, script): result = Pihole.run(script) assert result.rc == 0 diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index 5b1a8961..0bd03f36 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -5,6 +5,7 @@ run_local = testinfra.get_backend( "local://" ).get_module("Command").run + def test_scripts_pass_shellcheck(): ''' Make sure shellcheck does not find anything wrong with our shell scripts ''' shellcheck = "find . -type f -name 'update.sh' | while read file; do shellcheck -x \"$file\" -e SC1090,SC1091; done;" From da3dfd0998c1cd86afdf3ecf6cec7bc95b77ac57 Mon Sep 17 00:00:00 2001 From: bcambl Date: Mon, 2 Jul 2018 15:25:51 -0600 Subject: [PATCH 198/277] python linting: missing whitespace after ':' (E231) Signed-off-by: bcambl --- test/test_automated_install.py | 66 +++++++++++++++++----------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index f7b8702d..55709af9 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -76,9 +76,9 @@ def test_setupVars_saved_to_file(Pihole): def test_configureFirewall_firewalld_running_no_errors(Pihole): ''' confirms firewalld rules are applied when firewallD is running ''' # firewallD returns 'running' as status - mock_command('firewall-cmd', {'*':('running', 0)}, Pihole) + mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Ok for user prompt - mock_command('whiptail', {'*':('', 0)}, Pihole) + mock_command('whiptail', {'*': ('', 0)}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -94,7 +94,7 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): def test_configureFirewall_firewalld_disabled_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is not running ''' # firewallD returns non-running status - mock_command('firewall-cmd', {'*':('not running', '1')}, Pihole) + mock_command('firewall-cmd', {'*': ('not running', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -106,9 +106,9 @@ def test_configureFirewall_firewalld_disabled_no_errors(Pihole): def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' # firewallD returns running status - mock_command('firewall-cmd', {'*':('running', 0)}, Pihole) + mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', 1)}, Pihole) + mock_command('whiptail', {'*': ('', 1)}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -130,11 +130,11 @@ def test_configureFirewall_no_firewall(Pihole): def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' # iptables command exists - mock_command('iptables', {'*':('', '0')}, Pihole) + mock_command('iptables', {'*': ('', '0')}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '1')}, Pihole) + mock_command('whiptail', {'*': ('', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -146,11 +146,11 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' # iptables command exists and returns 0 on calls (should return 0 on iptables -C) - mock_command('iptables', {'-S':('-P INPUT DENY', '0')}, Pihole) + mock_command('iptables', {'-S': ('-P INPUT DENY', '0')}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -166,11 +166,11 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) - mock_command('iptables', {'-S':('-P INPUT DENY', '0'), '-C':('', 1), '-I':('', 0)}, Pihole) + mock_command('iptables', {'-S': ('-P INPUT DENY', '0'), '-C': ('', 1), '-I': ('', 0)}, Pihole) # modinfo returns always true (ip_tables module check) - mock_command('modinfo', {'*':('', '0')}, Pihole) + mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall @@ -186,9 +186,9 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): def test_selinux_enforcing_default_exit(Pihole): ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '1')}, Pihole) + mock_command('whiptail', {'*': ('', '1')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -201,9 +201,9 @@ def test_selinux_enforcing_default_exit(Pihole): def test_selinux_enforcing_continue(Pihole): ''' confirms installer prompts to continue with custom policy warning ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Enforcing', '0')}, Pihole) + mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt - mock_command('whiptail', {'*':('', '0')}, Pihole) + mock_command('whiptail', {'*': ('', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -217,7 +217,7 @@ def test_selinux_enforcing_continue(Pihole): def test_selinux_permissive(Pihole): ''' confirms installer continues when SELinux is Permissive ''' # getenforce returns the running state of SELinux - mock_command('getenforce', {'*':('Permissive', '0')}, Pihole) + mock_command('getenforce', {'*': ('Permissive', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -228,7 +228,7 @@ def test_selinux_permissive(Pihole): def test_selinux_disabled(Pihole): ''' confirms installer continues when SELinux is Disabled ''' - mock_command('getenforce', {'*':('Disabled', '0')}, Pihole) + mock_command('getenforce', {'*': ('Disabled', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux @@ -266,7 +266,7 @@ def test_update_package_cache_success_no_errors(Pihole): def test_update_package_cache_failure_no_errors(Pihole): ''' confirms package cache was not updated''' - mock_command('apt-get', {'update':('', '1')}, Pihole) + mock_command('apt-get', {'update': ('', '1')}, Pihole) updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check @@ -279,9 +279,9 @@ def test_update_package_cache_failure_no_errors(Pihole): def test_FTL_detect_aarch64_no_errors(Pihole): ''' confirms only aarch64 package is downloaded for FTL engine ''' # mock uname to return aarch64 platform - mock_command('uname', {'-m':('aarch64', '0')}, Pihole) + mock_command('uname', {'-m': ('aarch64', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -297,9 +297,9 @@ def test_FTL_detect_aarch64_no_errors(Pihole): def test_FTL_detect_armv6l_no_errors(Pihole): ''' confirms only armv6l package is downloaded for FTL engine ''' # mock uname to return armv6l platform - mock_command('uname', {'-m':('armv6l', '0')}, Pihole) + mock_command('uname', {'-m': ('armv6l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -315,9 +315,9 @@ def test_FTL_detect_armv6l_no_errors(Pihole): def test_FTL_detect_armv7l_no_errors(Pihole): ''' confirms only armv7l package is downloaded for FTL engine ''' # mock uname to return armv7l platform - mock_command('uname', {'-m':('armv7l', '0')}, Pihole) + mock_command('uname', {'-m': ('armv7l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls':('/lib/ld-linux-armhf.so.3', '0')}, Pihole) + mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-armhf.so.3', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -347,7 +347,7 @@ def test_FTL_detect_x86_64_no_errors(Pihole): def test_FTL_detect_unknown_no_errors(Pihole): ''' confirms only generic package is downloaded for FTL engine ''' # mock uname to return generic platform - mock_command('uname', {'-m':('mips', '0')}, Pihole) + mock_command('uname', {'-m': ('mips', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -413,7 +413,7 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): def test_IPv6_only_link_local(Pihole): ''' confirms IPv6 blocking is disabled for Link-local address ''' # mock ip -6 address to return Link-local address - mock_command_2('ip', {'-6 address':('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -425,7 +425,7 @@ def test_IPv6_only_link_local(Pihole): def test_IPv6_only_ULA(Pihole): ''' confirms IPv6 blocking is enabled for ULA addresses ''' # mock ip -6 address to return ULA address - mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -437,7 +437,7 @@ def test_IPv6_only_ULA(Pihole): def test_IPv6_only_GUA(Pihole): ''' confirms IPv6 blocking is enabled for GUA addresses ''' # mock ip -6 address to return GUA address - mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -449,7 +449,7 @@ def test_IPv6_only_GUA(Pihole): def test_IPv6_GUA_ULA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return GUA and ULA addresses - mock_command_2('ip', {'-6 address':('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -461,7 +461,7 @@ def test_IPv6_GUA_ULA_test(Pihole): def test_IPv6_ULA_GUA_test(Pihole): ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' # mock ip -6 address to return ULA and GUA addresses - mock_command_2('ip', {'-6 address':('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog From c3d443aaffcf75bd2993358eb2e25a1bb33040d5 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:05:24 -0600 Subject: [PATCH 199/277] python linting: lines > 79 characters (E501) Signed-off-by: bcambl --- test/conftest.py | 31 +++- test/test_automated_install.py | 307 ++++++++++++++++++++++++++------- test/test_shellcheck.py | 9 +- 3 files changed, 271 insertions(+), 76 deletions(-) diff --git a/test/conftest.py b/test/conftest.py index 44e0a4a4..80fea82b 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -8,8 +8,10 @@ check_output = testinfra.get_backend( @pytest.fixture def Pihole(Docker): - ''' used to contain some script stubbing, now pretty much an alias. - Also provides bash as the default run function shell ''' + ''' + used to contain some script stubbing, now pretty much an alias. + Also provides bash as the default run function shell + ''' def run_bash(self, command, *args, **kwargs): cmd = self.get_command(command, *args) if self.user is not None: @@ -23,13 +25,18 @@ def Pihole(Docker): return out funcType = type(Docker.run) - Docker.run = funcType(run_bash, Docker, testinfra.backend.docker.DockerBackend) + Docker.run = funcType(run_bash, + Docker, + testinfra.backend.docker.DockerBackend) return Docker @pytest.fixture def Docker(request, args, image, cmd): - ''' combine our fixtures into a docker run command and setup finalizer to cleanup ''' + ''' + combine our fixtures into a docker run command and setup finalizer to + cleanup + ''' assert 'docker' in check_output('id'), "Are you in the docker group?" docker_run = "docker run {} {} {}".format(args, image, cmd) docker_id = check_output(docker_run) @@ -45,23 +52,31 @@ def Docker(request, args, image, cmd): @pytest.fixture def args(request): - ''' -t became required when tput began being used ''' + ''' + -t became required when tput began being used + ''' return '-t -d' @pytest.fixture(params=['debian', 'centos']) def tag(request): - ''' consumed by image to make the test matrix ''' + ''' + consumed by image to make the test matrix + ''' return request.param @pytest.fixture() def image(request, tag): - ''' built by test_000_build_containers.py ''' + ''' + built by test_000_build_containers.py + ''' return 'pytest_pihole:{}'.format(tag) @pytest.fixture() def cmd(request): - ''' default to doing nothing by tailing null, but don't exit ''' + ''' + default to doing nothing by tailing null, but don't exit + ''' return 'tail -f /dev/null' diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 55709af9..a604e197 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -15,9 +15,11 @@ info_box="[i]".decode("utf-8") def test_setupVars_are_sourced_to_global_scope(Pihole): - ''' currently update_dialogs sources setupVars with a dot, + ''' + currently update_dialogs sources setupVars with a dot, then various other functions use the variables. - This confirms the sourced variables are in scope between functions ''' + This confirms the sourced variables are in scope between functions + ''' setup_var_file = 'cat < /etc/pihole/setupVars.conf\n' for k,v in SETUPVARS.iteritems(): setup_var_file += "{}={}\n".format(k, v) @@ -49,8 +51,11 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): def test_setupVars_saved_to_file(Pihole): - ''' confirm saved settings are written to a file for future updates to re-use ''' - set_setup_vars = '\n' # dedent works better with this and padding matching script below + ''' + confirm saved settings are written to a file for future updates to re-use + ''' + # dedent works better with this and padding matching script below + set_setup_vars = '\n' for k,v in SETUPVARS.iteritems(): set_setup_vars += " {}={}\n".format(k, v) Pihole.run(set_setup_vars).stdout @@ -74,7 +79,9 @@ def test_setupVars_saved_to_file(Pihole): def test_configureFirewall_firewalld_running_no_errors(Pihole): - ''' confirms firewalld rules are applied when firewallD is running ''' + ''' + confirms firewalld rules are applied when firewallD is running + ''' # firewallD returns 'running' as status mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Ok for user prompt @@ -87,24 +94,33 @@ def test_configureFirewall_firewalld_running_no_errors(Pihole): assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/firewall-cmd').stdout assert 'firewall-cmd --state' in firewall_calls - assert 'firewall-cmd --permanent --add-service=http --add-service=dns' in firewall_calls + assert ('firewall-cmd ' + '--permanent ' + '--add-service=http ' + '--add-service=dns') in firewall_calls assert 'firewall-cmd --reload' in firewall_calls def test_configureFirewall_firewalld_disabled_no_errors(Pihole): - ''' confirms firewalld rules are not applied when firewallD is not running ''' + ''' + confirms firewalld rules are not applied when firewallD is not running + ''' # firewallD returns non-running status mock_command('firewall-cmd', {'*': ('not running', '1')}, Pihole) configureFirewall = Pihole.run(''' source /opt/pihole/basic-install.sh configureFirewall ''') - expected_stdout = 'No active firewall detected.. skipping firewall configuration' + expected_stdout = ('No active firewall detected.. ' + 'skipping firewall configuration') assert expected_stdout in configureFirewall.stdout def test_configureFirewall_firewalld_enabled_declined_no_errors(Pihole): - ''' confirms firewalld rules are not applied when firewallD is running, user declines ruleset ''' + ''' + confirms firewalld rules are not applied when firewallD is running, user + declines ruleset + ''' # firewallD returns running status mock_command('firewall-cmd', {'*': ('running', 0)}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -128,7 +144,10 @@ def test_configureFirewall_no_firewall(Pihole): def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): - ''' confirms IPTables rules are not applied when IPTables is running, user declines ruleset ''' + ''' + confirms IPTables rules are not applied when IPTables is running, user + declines ruleset + ''' # iptables command exists mock_command('iptables', {'*': ('', '0')}, Pihole) # modinfo returns always true (ip_tables module check) @@ -144,8 +163,12 @@ def test_configureFirewall_IPTables_enabled_declined_no_errors(Pihole): def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): - ''' confirms IPTables rules are not applied when IPTables is running and rules exist ''' - # iptables command exists and returns 0 on calls (should return 0 on iptables -C) + ''' + confirms IPTables rules are not applied when IPTables is running and rules + exist + ''' + # iptables command exists and returns 0 on calls + # (should return 0 on iptables -C) mock_command('iptables', {'-S': ('-P INPUT DENY', '0')}, Pihole) # modinfo returns always true (ip_tables module check) mock_command('modinfo', {'*': ('', '0')}, Pihole) @@ -158,15 +181,38 @@ def test_configureFirewall_IPTables_enabled_rules_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' not in firewall_calls - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' not in firewall_calls - assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' + assert iptables_line not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' + assert iptables_line not in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' + assert iptables_line not in firewall_calls def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): - ''' confirms IPTables rules are applied when IPTables is running and rules do not exist ''' + ''' + confirms IPTables rules are applied when IPTables is running and rules do + not exist + ''' # iptables command and returns 0 on calls (should return 1 on iptables -C) - mock_command('iptables', {'-S': ('-P INPUT DENY', '0'), '-C': ('', 1), '-I': ('', 0)}, Pihole) + mock_command( + 'iptables', + { + '-S': ( + '-P INPUT DENY', + '0' + ), + '-C': ( + '', + 1 + ), + '-I': ( + '', + 0 + ) + }, + Pihole + ) # modinfo returns always true (ip_tables module check) mock_command('modinfo', {'*': ('', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -178,13 +224,18 @@ def test_configureFirewall_IPTables_enabled_not_exist_no_errors(Pihole): expected_stdout = 'Installing new IPTables firewall rulesets' assert expected_stdout in configureFirewall.stdout firewall_calls = Pihole.run('cat /var/log/iptables').stdout - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' in firewall_calls - assert 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' in firewall_calls - assert 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT' + assert iptables_line in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p tcp -m tcp --dport 53 -j ACCEPT' + assert iptables_line in firewall_calls + iptables_line = 'iptables -I INPUT 1 -p udp -m udp --dport 53 -j ACCEPT' + assert iptables_line in firewall_calls def test_selinux_enforcing_default_exit(Pihole): - ''' confirms installer prompts to exit when SELinux is Enforcing by default ''' + ''' + confirms installer prompts to exit when SELinux is Enforcing by default + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -193,13 +244,17 @@ def test_selinux_enforcing_default_exit(Pihole): source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout - assert 'SELinux Enforcing detected, exiting installer' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Enforcing' + assert expected_stdout in check_selinux.stdout + expected_stdout = 'SELinux Enforcing detected, exiting installer' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 1 def test_selinux_enforcing_continue(Pihole): - ''' confirms installer prompts to continue with custom policy warning ''' + ''' + confirms installer prompts to continue with custom policy warning + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Enforcing', '0')}, Pihole) # Whiptail dialog returns Cancel for user prompt @@ -208,80 +263,117 @@ def test_selinux_enforcing_continue(Pihole): source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Enforcing' in check_selinux.stdout - assert info_box + ' Continuing installation with SELinux Enforcing' in check_selinux.stdout - assert info_box + ' Please refer to official SELinux documentation to create a custom policy' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Enforcing' + assert expected_stdout in check_selinux.stdout + expected_stdout = info_box + (' Continuing installation with SELinux ' + 'Enforcing') + assert expected_stdout in check_selinux.stdout + expected_stdout = info_box + (' Please refer to official SELinux ' + 'documentation to create a custom policy') + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_selinux_permissive(Pihole): - ''' confirms installer continues when SELinux is Permissive ''' + ''' + confirms installer continues when SELinux is Permissive + ''' # getenforce returns the running state of SELinux mock_command('getenforce', {'*': ('Permissive', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Permissive' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Permissive' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_selinux_disabled(Pihole): - ''' confirms installer continues when SELinux is Disabled ''' + ''' + confirms installer continues when SELinux is Disabled + ''' mock_command('getenforce', {'*': ('Disabled', '0')}, Pihole) check_selinux = Pihole.run(''' source /opt/pihole/basic-install.sh checkSelinux ''') - assert info_box + ' SELinux mode detected: Disabled' in check_selinux.stdout + expected_stdout = info_box + ' SELinux mode detected: Disabled' + assert expected_stdout in check_selinux.stdout assert check_selinux.rc == 0 def test_installPiholeWeb_fresh_install_no_errors(Pihole): - ''' confirms all web page assets from Core repo are installed on a fresh build ''' + ''' + confirms all web page assets from Core repo are installed on a fresh build + ''' installWeb = Pihole.run(''' source /opt/pihole/basic-install.sh installPiholeWeb ''') - assert info_box + ' Installing blocking page...' in installWeb.stdout - assert tick_box + ' Creating directory for blocking page, and copying files' in installWeb.stdout - assert cross_box + ' Backing up index.lighttpd.html' in installWeb.stdout - assert 'No default index.lighttpd.html file found... not backing up' in installWeb.stdout - assert tick_box + ' Installing sudoer file' in installWeb.stdout + expected_stdout = info_box + ' Installing blocking page...' + assert expected_stdout in installWeb.stdout + expected_stdout = tick_box + (' Creating directory for blocking page, ' + 'and copying files') + assert expected_stdout in installWeb.stdout + expected_stdout = cross_box + ' Backing up index.lighttpd.html' + assert expected_stdout in installWeb.stdout + expected_stdout = ('No default index.lighttpd.html file found... ' + 'not backing up') + assert expected_stdout in installWeb.stdout + expected_stdout = tick_box + ' Installing sudoer file' + assert expected_stdout in installWeb.stdout web_directory = Pihole.run('ls -r /var/www/html/pihole').stdout assert 'index.php' in web_directory assert 'blockingpage.css' in web_directory def test_update_package_cache_success_no_errors(Pihole): - ''' confirms package cache was updated without any errors''' + ''' + confirms package cache was updated without any errors + ''' updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check update_package_cache ''') - assert tick_box + ' Update local cache of available packages' in updateCache.stdout + expected_stdout = tick_box + ' Update local cache of available packages' + assert expected_stdout in updateCache.stdout assert 'Error: Unable to update package cache.' not in updateCache.stdout def test_update_package_cache_failure_no_errors(Pihole): - ''' confirms package cache was not updated''' + ''' + confirms package cache was not updated + ''' mock_command('apt-get', {'update': ('', '1')}, Pihole) updateCache = Pihole.run(''' source /opt/pihole/basic-install.sh distro_check update_package_cache ''') - assert cross_box + ' Update local cache of available packages' in updateCache.stdout + expected_stdout = cross_box + ' Update local cache of available packages' + assert expected_stdout in updateCache.stdout assert 'Error: Unable to update package cache.' in updateCache.stdout def test_FTL_detect_aarch64_no_errors(Pihole): - ''' confirms only aarch64 package is downloaded for FTL engine ''' + ''' + confirms only aarch64 package is downloaded for FTL engine + ''' # mock uname to return aarch64 platform mock_command('uname', {'-m': ('aarch64', '0')}, Pihole) # mock ldd to respond with aarch64 shared library - mock_command('ldd', {'/bin/ls': ('/lib/ld-linux-aarch64.so.1', '0')}, Pihole) + mock_command( + 'ldd', + { + '/bin/ls': ( + '/lib/ld-linux-aarch64.so.1', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -295,7 +387,9 @@ def test_FTL_detect_aarch64_no_errors(Pihole): def test_FTL_detect_armv6l_no_errors(Pihole): - ''' confirms only armv6l package is downloaded for FTL engine ''' + ''' + confirms only armv6l package is downloaded for FTL engine + ''' # mock uname to return armv6l platform mock_command('uname', {'-m': ('armv6l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library @@ -306,14 +400,17 @@ def test_FTL_detect_armv6l_no_errors(Pihole): ''') expected_stdout = info_box + ' FTL Checks...' assert expected_stdout in detectPlatform.stdout - expected_stdout = tick_box + ' Detected ARM-hf architecture (armv6 or lower)' + expected_stdout = tick_box + (' Detected ARM-hf architecture ' + '(armv6 or lower)') assert expected_stdout in detectPlatform.stdout expected_stdout = tick_box + ' Downloading and Installing FTL' assert expected_stdout in detectPlatform.stdout def test_FTL_detect_armv7l_no_errors(Pihole): - ''' confirms only armv7l package is downloaded for FTL engine ''' + ''' + confirms only armv7l package is downloaded for FTL engine + ''' # mock uname to return armv7l platform mock_command('uname', {'-m': ('armv7l', '0')}, Pihole) # mock ldd to respond with aarch64 shared library @@ -331,7 +428,9 @@ def test_FTL_detect_armv7l_no_errors(Pihole): def test_FTL_detect_x86_64_no_errors(Pihole): - ''' confirms only x86_64 package is downloaded for FTL engine ''' + ''' + confirms only x86_64 package is downloaded for FTL engine + ''' detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -357,7 +456,9 @@ def test_FTL_detect_unknown_no_errors(Pihole): def test_FTL_download_aarch64_no_errors(Pihole): - ''' confirms only aarch64 package is downloaded for FTL engine ''' + ''' + confirms only aarch64 package is downloaded for FTL engine + ''' # mock uname to return generic platform download_binary = Pihole.run(''' source /opt/pihole/basic-install.sh @@ -372,7 +473,9 @@ def test_FTL_download_aarch64_no_errors(Pihole): def test_FTL_download_unknown_fails_no_errors(Pihole): - ''' confirms unknown binary is not downloaded for FTL engine ''' + ''' + confirms unknown binary is not downloaded for FTL engine + ''' # mock uname to return generic platform download_binary = Pihole.run(''' source /opt/pihole/basic-install.sh @@ -385,7 +488,9 @@ def test_FTL_download_unknown_fails_no_errors(Pihole): def test_FTL_binary_installed_and_responsive_no_errors(Pihole): - ''' confirms FTL binary is copied and functional in installed location ''' + ''' + confirms FTL binary is copied and functional in installed location + ''' installed_binary = Pihole.run(''' source /opt/pihole/basic-install.sh FTLdetect @@ -396,7 +501,9 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): # def test_FTL_support_files_installed(Pihole): -# ''' confirms FTL support files are installed ''' +# ''' +# confirms FTL support files are installed +# ''' # support_files = Pihole.run(''' # source /opt/pihole/basic-install.sh # FTLdetect @@ -411,21 +518,44 @@ def test_FTL_binary_installed_and_responsive_no_errors(Pihole): def test_IPv6_only_link_local(Pihole): - ''' confirms IPv6 blocking is disabled for Link-local address ''' + ''' + confirms IPv6 blocking is disabled for Link-local address + ''' # mock ip -6 address to return Link-local address - mock_command_2('ip', {'-6 address': ('inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fe80::d210:52fa:fe00:7ad7/64 scope link', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog ''') - expected_stdout = 'Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled' + expected_stdout = ('Unable to find IPv6 ULA/GUA address, ' + 'IPv6 adblocking will not be enabled') assert expected_stdout in detectPlatform.stdout def test_IPv6_only_ULA(Pihole): - ''' confirms IPv6 blocking is enabled for ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for ULA addresses + ''' # mock ip -6 address to return ULA address - mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -435,9 +565,20 @@ def test_IPv6_only_ULA(Pihole): def test_IPv6_only_GUA(Pihole): - ''' confirms IPv6 blocking is enabled for GUA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA addresses + ''' # mock ip -6 address to return GUA address - mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -447,9 +588,21 @@ def test_IPv6_only_GUA(Pihole): def test_IPv6_GUA_ULA_test(Pihole): - ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA and ULA addresses + ''' # mock ip -6 address to return GUA and ULA addresses - mock_command_2('ip', {'-6 address': ('inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\ninet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global\n' + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -459,9 +612,21 @@ def test_IPv6_GUA_ULA_test(Pihole): def test_IPv6_ULA_GUA_test(Pihole): - ''' confirms IPv6 blocking is enabled for GUA and ULA addresses ''' + ''' + confirms IPv6 blocking is enabled for GUA and ULA addresses + ''' # mock ip -6 address to return ULA and GUA addresses - mock_command_2('ip', {'-6 address': ('inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\ninet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', '0')}, Pihole) + mock_command_2( + 'ip', + { + '-6 address': ( + 'inet6 fda2:2001:5555:0:d210:52fa:fe00:7ad7/64 scope global\n' + 'inet6 2003:12:1e43:301:d210:52fa:fe00:7ad7/64 scope global', + '0' + ) + }, + Pihole + ) detectPlatform = Pihole.run(''' source /opt/pihole/basic-install.sh useIPv6dialog @@ -472,7 +637,10 @@ def test_IPv6_ULA_GUA_test(Pihole): # Helper functions def mock_command(script, args, container): - ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' full_script_path = '/usr/local/bin/{}'.format(script) mock_script = dedent('''\ #!/bin/bash -e @@ -490,11 +658,16 @@ def mock_command(script, args, container): container.run(''' cat < {script}\n{content}\nEOF chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) def mock_command_2(script, args, container): - ''' Allows for setup of commands we don't really want to have to run for real in unit tests ''' + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' full_script_path = '/usr/local/bin/{}'.format(script) mock_script = dedent('''\ #!/bin/bash -e @@ -512,7 +685,9 @@ def mock_command_2(script, args, container): container.run(''' cat < {script}\n{content}\nEOF chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, content=mock_script, scriptlog=script)) + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) def run_script(Pihole, script): diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index 0bd03f36..b9b1cea5 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -7,8 +7,13 @@ run_local = testinfra.get_backend( def test_scripts_pass_shellcheck(): - ''' Make sure shellcheck does not find anything wrong with our shell scripts ''' - shellcheck = "find . -type f -name 'update.sh' | while read file; do shellcheck -x \"$file\" -e SC1090,SC1091; done;" + ''' + Make sure shellcheck does not find anything wrong with our shell scripts + ''' + shellcheck = ("find . -type f -name 'update.sh' " + "| while read file; do " + "shellcheck -x \"$file\" -e SC1090,SC1091; " + "done;") results = run_local(shellcheck) print results.stdout assert '' == results.stdout From 9bd4986781fbfc610bc8cb174f3b53152491ac9d Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:21:57 -0600 Subject: [PATCH 200/277] python linting: whitespace before ':' (E203) Signed-off-by: bcambl --- test/test_automated_install.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index a604e197..1bbdefa1 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -2,11 +2,11 @@ import pytest from textwrap import dedent SETUPVARS = { - 'PIHOLE_INTERFACE' : 'eth99', - 'IPV4_ADDRESS' : '1.1.1.1', - 'IPV6_ADDRESS' : 'FE80::240:D0FF:FE48:4672', - 'PIHOLE_DNS_1' : '4.2.2.1', - 'PIHOLE_DNS_2' : '4.2.2.2' + 'PIHOLE_INTERFACE': 'eth99', + 'IPV4_ADDRESS': '1.1.1.1', + 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', + 'PIHOLE_DNS_1': '4.2.2.1', + 'PIHOLE_DNS_2': '4.2.2.2' } tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") From 79232d02c935e88b9df211e66cddcda85144b109 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:30:00 -0600 Subject: [PATCH 201/277] python linting: 'pytest' imported but unused (F401) Signed-off-by: bcambl --- test/test_automated_install.py | 1 - test/test_shellcheck.py | 1 - 2 files changed, 2 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 1bbdefa1..027e5365 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -1,4 +1,3 @@ -import pytest from textwrap import dedent SETUPVARS = { diff --git a/test/test_shellcheck.py b/test/test_shellcheck.py index b9b1cea5..43e8ad6f 100644 --- a/test/test_shellcheck.py +++ b/test/test_shellcheck.py @@ -1,4 +1,3 @@ -import pytest import testinfra run_local = testinfra.get_backend( From 1d3445bc0f019f2a01d36552c0e8a84fa5e67467 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:33:30 -0600 Subject: [PATCH 202/277] python linting: whitespace after '(' and before ')' (E201 & E202) Signed-off-by: bcambl --- test/test_000_build_containers.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index 725136d8..dc365026 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -8,8 +8,8 @@ run_local = testinfra.get_backend( @pytest.mark.parametrize("image,tag", [ - ( 'test/debian.Dockerfile', 'pytest_pihole:debian' ), - ( 'test/centos.Dockerfile', 'pytest_pihole:centos' ), + ('test/debian.Dockerfile', 'pytest_pihole:debian'), + ('test/centos.Dockerfile', 'pytest_pihole:centos'), ]) def test_build_pihole_image(image, tag): build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag)) From 064a75b21b73948a11b2af2518a3e9dc2cc01192 Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:35:16 -0600 Subject: [PATCH 203/277] python linting: missing whitespace around operator (E225) Signed-off-by: bcambl --- test/test_automated_install.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 027e5365..14c2b77a 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -8,9 +8,9 @@ SETUPVARS = { 'PIHOLE_DNS_2': '4.2.2.2' } -tick_box="[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") -cross_box="[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") -info_box="[i]".decode("utf-8") +tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") +cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") +info_box = "[i]".decode("utf-8") def test_setupVars_are_sourced_to_global_scope(Pihole): From 40537e1522b2eb9d18d07254b4b8f155d749061e Mon Sep 17 00:00:00 2001 From: bcambl Date: Tue, 3 Jul 2018 00:36:47 -0600 Subject: [PATCH 204/277] python linting: missing whitespace after ',' (E231) Signed-off-by: bcambl --- test/test_automated_install.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 14c2b77a..400a94f4 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -20,7 +20,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): This confirms the sourced variables are in scope between functions ''' setup_var_file = 'cat < /etc/pihole/setupVars.conf\n' - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): setup_var_file += "{}={}\n".format(k, v) setup_var_file += "EOF\n" Pihole.run(setup_var_file) @@ -45,7 +45,7 @@ def test_setupVars_are_sourced_to_global_scope(Pihole): output = run_script(Pihole, script).stdout - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output @@ -55,7 +55,7 @@ def test_setupVars_saved_to_file(Pihole): ''' # dedent works better with this and padding matching script below set_setup_vars = '\n' - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): set_setup_vars += " {}={}\n".format(k, v) Pihole.run(set_setup_vars).stdout @@ -73,7 +73,7 @@ def test_setupVars_saved_to_file(Pihole): output = run_script(Pihole, script).stdout - for k,v in SETUPVARS.iteritems(): + for k, v in SETUPVARS.iteritems(): assert "{}={}".format(k, v) in output From 5ca2ad6148b83ab2d072477dda95ab0c3b97332f Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 5 Jul 2018 18:10:43 -0600 Subject: [PATCH 205/277] move test globals & mock commands to conftest Signed-off-by: bcambl --- test/conftest.py | 74 ++++++++++++++++++++++++++++++ test/test_automated_install.py | 82 ++++------------------------------ 2 files changed, 83 insertions(+), 73 deletions(-) diff --git a/test/conftest.py b/test/conftest.py index 80fea82b..7ec3832e 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -1,10 +1,23 @@ import pytest import testinfra +from textwrap import dedent check_output = testinfra.get_backend( "local://" ).get_module("Command").check_output +SETUPVARS = { + 'PIHOLE_INTERFACE': 'eth99', + 'IPV4_ADDRESS': '1.1.1.1', + 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', + 'PIHOLE_DNS_1': '4.2.2.1', + 'PIHOLE_DNS_2': '4.2.2.2' +} + +tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") +cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") +info_box = "[i]".decode("utf-8") + @pytest.fixture def Pihole(Docker): @@ -80,3 +93,64 @@ def cmd(request): default to doing nothing by tailing null, but don't exit ''' return 'tail -f /dev/null' + + +# Helper functions +def mock_command(script, args, container): + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' + full_script_path = '/usr/local/bin/{}'.format(script) + mock_script = dedent('''\ + #!/bin/bash -e + echo "\$0 \$@" >> /var/log/{script} + case "\$1" in'''.format(script=script)) + for k, v in args.iteritems(): + case = dedent(''' + {arg}) + echo {res} + exit {retcode} + ;;'''.format(arg=k, res=v[0], retcode=v[1])) + mock_script += case + mock_script += dedent(''' + esac''') + container.run(''' + cat < {script}\n{content}\nEOF + chmod +x {script} + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) + + +def mock_command_2(script, args, container): + ''' + Allows for setup of commands we don't really want to have to run for real + in unit tests + ''' + full_script_path = '/usr/local/bin/{}'.format(script) + mock_script = dedent('''\ + #!/bin/bash -e + echo "\$0 \$@" >> /var/log/{script} + case "\$1 \$2" in'''.format(script=script)) + for k, v in args.iteritems(): + case = dedent(''' + \"{arg}\") + echo \"{res}\" + exit {retcode} + ;;'''.format(arg=k, res=v[0], retcode=v[1])) + mock_script += case + mock_script += dedent(''' + esac''') + container.run(''' + cat < {script}\n{content}\nEOF + chmod +x {script} + rm -f /var/log/{scriptlog}'''.format(script=full_script_path, + content=mock_script, + scriptlog=script)) + + +def run_script(Pihole, script): + result = Pihole.run(script) + assert result.rc == 0 + return result diff --git a/test/test_automated_install.py b/test/test_automated_install.py index 400a94f4..3718282f 100644 --- a/test/test_automated_install.py +++ b/test/test_automated_install.py @@ -1,16 +1,13 @@ from textwrap import dedent - -SETUPVARS = { - 'PIHOLE_INTERFACE': 'eth99', - 'IPV4_ADDRESS': '1.1.1.1', - 'IPV6_ADDRESS': 'FE80::240:D0FF:FE48:4672', - 'PIHOLE_DNS_1': '4.2.2.1', - 'PIHOLE_DNS_2': '4.2.2.2' -} - -tick_box = "[\x1b[1;32m\xe2\x9c\x93\x1b[0m]".decode("utf-8") -cross_box = "[\x1b[1;31m\xe2\x9c\x97\x1b[0m]".decode("utf-8") -info_box = "[i]".decode("utf-8") +from conftest import ( + SETUPVARS, + tick_box, + info_box, + cross_box, + mock_command, + mock_command_2, + run_script +) def test_setupVars_are_sourced_to_global_scope(Pihole): @@ -632,64 +629,3 @@ def test_IPv6_ULA_GUA_test(Pihole): ''') expected_stdout = 'Found IPv6 ULA address, using it for blocking IPv6 ads' assert expected_stdout in detectPlatform.stdout - - -# Helper functions -def mock_command(script, args, container): - ''' - Allows for setup of commands we don't really want to have to run for real - in unit tests - ''' - full_script_path = '/usr/local/bin/{}'.format(script) - mock_script = dedent('''\ - #!/bin/bash -e - echo "\$0 \$@" >> /var/log/{script} - case "\$1" in'''.format(script=script)) - for k, v in args.iteritems(): - case = dedent(''' - {arg}) - echo {res} - exit {retcode} - ;;'''.format(arg=k, res=v[0], retcode=v[1])) - mock_script += case - mock_script += dedent(''' - esac''') - container.run(''' - cat < {script}\n{content}\nEOF - chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, - content=mock_script, - scriptlog=script)) - - -def mock_command_2(script, args, container): - ''' - Allows for setup of commands we don't really want to have to run for real - in unit tests - ''' - full_script_path = '/usr/local/bin/{}'.format(script) - mock_script = dedent('''\ - #!/bin/bash -e - echo "\$0 \$@" >> /var/log/{script} - case "\$1 \$2" in'''.format(script=script)) - for k, v in args.iteritems(): - case = dedent(''' - \"{arg}\") - echo \"{res}\" - exit {retcode} - ;;'''.format(arg=k, res=v[0], retcode=v[1])) - mock_script += case - mock_script += dedent(''' - esac''') - container.run(''' - cat < {script}\n{content}\nEOF - chmod +x {script} - rm -f /var/log/{scriptlog}'''.format(script=full_script_path, - content=mock_script, - scriptlog=script)) - - -def run_script(Pihole, script): - result = Pihole.run(script) - assert result.rc == 0 - return result From 553aad6ed2d489bd508d7f956261d5e4b69de6a4 Mon Sep 17 00:00:00 2001 From: bcambl Date: Thu, 5 Jul 2018 18:12:39 -0600 Subject: [PATCH 206/277] add Fedora container to test matrix Signed-off-by: bcambl --- test/conftest.py | 2 +- test/fedora.Dockerfile | 16 ++++++++++++++++ test/test_000_build_containers.py | 1 + 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 test/fedora.Dockerfile diff --git a/test/conftest.py b/test/conftest.py index 7ec3832e..58530d38 100644 --- a/test/conftest.py +++ b/test/conftest.py @@ -71,7 +71,7 @@ def args(request): return '-t -d' -@pytest.fixture(params=['debian', 'centos']) +@pytest.fixture(params=['debian', 'centos', 'fedora']) def tag(request): ''' consumed by image to make the test matrix diff --git a/test/fedora.Dockerfile b/test/fedora.Dockerfile new file mode 100644 index 00000000..c4834388 --- /dev/null +++ b/test/fedora.Dockerfile @@ -0,0 +1,16 @@ +FROM fedora:latest + +ENV GITDIR /etc/.pihole +ENV SCRIPTDIR /opt/pihole + +RUN mkdir -p $GITDIR $SCRIPTDIR /etc/pihole +ADD . $GITDIR +RUN cp $GITDIR/advanced/Scripts/*.sh $GITDIR/gravity.sh $GITDIR/pihole $GITDIR/automated\ install/*.sh $SCRIPTDIR/ +ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$SCRIPTDIR + +RUN true && \ + chmod +x $SCRIPTDIR/* + +ENV PH_TEST true + +#sed '/# Start the installer/Q' /opt/pihole/basic-install.sh > /opt/pihole/stub_basic-install.sh && \ diff --git a/test/test_000_build_containers.py b/test/test_000_build_containers.py index dc365026..ad243754 100644 --- a/test/test_000_build_containers.py +++ b/test/test_000_build_containers.py @@ -10,6 +10,7 @@ run_local = testinfra.get_backend( @pytest.mark.parametrize("image,tag", [ ('test/debian.Dockerfile', 'pytest_pihole:debian'), ('test/centos.Dockerfile', 'pytest_pihole:centos'), + ('test/fedora.Dockerfile', 'pytest_pihole:fedora'), ]) def test_build_pihole_image(image, tag): build_cmd = run_local('docker build -f {} -t {} .'.format(image, tag)) From a323b126e5ea89d4f54f6dfffdbb52a126a19449 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 5 Jul 2018 21:48:36 -0700 Subject: [PATCH 207/277] Finished space conversion Signed-off-by: Dan Schaper --- .editorconfig | 2 +- .idea/codeStyles/Project.xml | 6 - automated install/basic-install.sh | 3897 ++++++++++++++-------------- 3 files changed, 1947 insertions(+), 1958 deletions(-) diff --git a/.editorconfig b/.editorconfig index e5626a07..ee415d1f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -9,7 +9,7 @@ end_of_line = lf insert_final_newline = true indent_style = space indent_size = tab -tab_width = 2 +tab_width = 4 charset = utf-8 trim_trailing_whitespace = true diff --git a/.idea/codeStyles/Project.xml b/.idea/codeStyles/Project.xml index 7704aeaa..79a710fd 100644 --- a/.idea/codeStyles/Project.xml +++ b/.idea/codeStyles/Project.xml @@ -1,11 +1,5 @@ - diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 36d717f5..b1852288 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -84,30 +84,30 @@ runUnattended=false INSTALL_WEB_SERVER=true # Check arguments for the undocumented flags for var in "$@"; do - case "$var" in - "--reconfigure" ) reconfigure=true;; - "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; - "--unattended" ) runUnattended=true;; - "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;; - esac + case "$var" in + "--reconfigure" ) reconfigure=true;; + "--i_do_not_follow_recommendations" ) skipSpaceCheck=true;; + "--unattended" ) runUnattended=true;; + "--disable-install-webserver" ) INSTALL_WEB_SERVER=false;; + esac done # If the color table file exists, if [[ -f "${coltable}" ]]; then - # source it - source ${coltable} + # source it + source ${coltable} # Otherwise, else - # Set these values so the installer can still run in color - COL_NC='\e[0m' # No Color - COL_LIGHT_GREEN='\e[1;32m' - COL_LIGHT_RED='\e[1;31m' - TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" - CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" - INFO="[i]" - # shellcheck disable=SC2034 - DONE="${COL_LIGHT_GREEN} done!${COL_NC}" - OVER="\\r\\033[K" + # Set these values so the installer can still run in color + COL_NC='\e[0m' # No Color + COL_LIGHT_GREEN='\e[1;32m' + COL_LIGHT_RED='\e[1;31m' + TICK="[${COL_LIGHT_GREEN}✓${COL_NC}]" + CROSS="[${COL_LIGHT_RED}✗${COL_NC}]" + INFO="[i]" + # shellcheck disable=SC2034 + DONE="${COL_LIGHT_GREEN} done!${COL_NC}" + OVER="\\r\\033[K" fi # A simple function that just echoes out our logo in ASCII format @@ -141,1033 +141,1029 @@ show_ascii_berry() { distro_check() { # If apt-get is installed, then we know it's part of the Debian family if command -v apt-get &> /dev/null; then - # Set some global variables here - # We don't set them earlier since the family might be Red Hat, so these values would be different - PKG_MANAGER="apt-get" - # A variable to store the command used to update the package cache - UPDATE_PKG_CACHE="${PKG_MANAGER} update" - # An array for something... - PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install) - # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE - PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" - # Some distros vary slightly so these fixes for dependencies may apply - # Debian 7 doesn't have iproute2 so if the dry run install is successful, - if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then - # we can install it - iproute_pkg="iproute2" - # Otherwise, - else - # use iproute - iproute_pkg="iproute" - fi - # Check for and determine version number (major and minor) of current php install - if command -v php &> /dev/null; then - phpInsVersion="$(php -v | head -n1 | grep -Po '(?<=PHP )[^ ]+')" - echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" - phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" - phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" - # Is installed php version 7.0 or greater - if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then - phpInsNewer=true + # Set some global variables here + # We don't set them earlier since the family might be Red Hat, so these values would be different + PKG_MANAGER="apt-get" + # A variable to store the command used to update the package cache + UPDATE_PKG_CACHE="${PKG_MANAGER} update" + # An array for something... + PKG_INSTALL=(${PKG_MANAGER} --yes --no-install-recommends install) + # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE + PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true" + # Some distros vary slightly so these fixes for dependencies may apply + # Debian 7 doesn't have iproute2 so if the dry run install is successful, + if ${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1; then + # we can install it + iproute_pkg="iproute2" + # Otherwise, + else + # use iproute + iproute_pkg="iproute" fi - fi - # Check if installed php is v 7.0, or newer to determine packages to install - if [[ "$phpInsNewer" != true ]]; then - # Prefer the php metapackage if it's there - if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then - phpVer="php" - # fall back on the php5 packages - else - phpVer="php5" + # Check for and determine version number (major and minor) of current php install + if command -v php &> /dev/null; then + phpInsVersion="$(php -v | head -n1 | grep -Po '(?<=PHP )[^ ]+')" + echo -e " ${INFO} Existing PHP installation detected : PHP version $phpInsVersion" + phpInsMajor="$(echo "$phpInsVersion" | cut -d\. -f1)" + phpInsMinor="$(echo "$phpInsVersion" | cut -d\. -f2)" + # Is installed php version 7.0 or greater + if [ "$(echo "$phpInsMajor.$phpInsMinor < 7.0" | bc )" == 0 ]; then + phpInsNewer=true + fi fi - else - # Newer php is installed, its common, cgi & sqlite counterparts are deps - phpVer="php$phpInsMajor.$phpInsMinor" - fi - # We also need the correct version for `php-sqlite` (which differs across distros) - if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then - phpSqlite="sqlite3" - else - phpSqlite="sqlite" - fi - # Since our install script is so large, we need several other programs to successfully get a machine provisioned - # These programs are stored in an array so they can be looped through later - INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) - # Pi-hole itself has several dependencies that also need to be installed - PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) - # The Web dashboard has some that also need to be installed - # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code - PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) - # The Web server user, - LIGHTTPD_USER="www-data" - # group, - LIGHTTPD_GROUP="www-data" - # and config file - LIGHTTPD_CFG="lighttpd.conf.debian" + # Check if installed php is v 7.0, or newer to determine packages to install + if [[ "$phpInsNewer" != true ]]; then + # Prefer the php metapackage if it's there + if ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1; then + phpVer="php" + # fall back on the php5 packages + else + phpVer="php5" + fi + else + # Newer php is installed, its common, cgi & sqlite counterparts are deps + phpVer="php$phpInsMajor.$phpInsMinor" + fi + # We also need the correct version for `php-sqlite` (which differs across distros) + if ${PKG_MANAGER} install --dry-run ${phpVer}-sqlite3 > /dev/null 2>&1; then + phpSqlite="sqlite3" + else + phpSqlite="sqlite" + fi + # Since our install script is so large, we need several other programs to successfully get a machine provisioned + # These programs are stored in an array so they can be looped through later + INSTALLER_DEPS=(apt-utils dialog debconf dhcpcd5 git ${iproute_pkg} whiptail) + # Pi-hole itself has several dependencies that also need to be installed + PIHOLE_DEPS=(bc cron curl dnsutils iputils-ping lsof netcat psmisc sudo unzip wget idn2 sqlite3 libcap2-bin dns-root-data resolvconf) + # The Web dashboard has some that also need to be installed + # It's useful to separate the two since our repos are also setup as "Core" code and "Web" code + PIHOLE_WEB_DEPS=(lighttpd ${phpVer}-common ${phpVer}-cgi ${phpVer}-${phpSqlite}) + # The Web server user, + LIGHTTPD_USER="www-data" + # group, + LIGHTTPD_GROUP="www-data" + # and config file + LIGHTTPD_CFG="lighttpd.conf.debian" - # A function to check... - test_dpkg_lock() { - # An iterator used for counting loop iterations - i=0 - # fuser is a program to show which processes use the named files, sockets, or filesystems - # So while the command is true - while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do - # Wait half a second - sleep 0.5 - # and increase the iterator - ((i=i+1)) - done - # Always return success, since we only return if there is no - # lock (anymore) - return 0 + # A function to check... + test_dpkg_lock() { + # An iterator used for counting loop iterations + i=0 + # fuser is a program to show which processes use the named files, sockets, or filesystems + # So while the command is true + while fuser /var/lib/dpkg/lock >/dev/null 2>&1 ; do + # Wait half a second + sleep 0.5 + # and increase the iterator + ((i=i+1)) + done + # Always return success, since we only return if there is no + # lock (anymore) + return 0 } # If apt-get is not found, check for rpm to see if it's a Red Hat family OS elif command -v rpm &> /dev/null; then - # Then check if dnf or yum is the package manager - if command -v dnf &> /dev/null; then - PKG_MANAGER="dnf" - else - PKG_MANAGER="yum" - fi - - # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. - UPDATE_PKG_CACHE=":" - PKG_INSTALL=(${PKG_MANAGER} install -y) - PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" - INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng which) - PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) - PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) - LIGHTTPD_USER="lighttpd" - LIGHTTPD_GROUP="lighttpd" - LIGHTTPD_CFG="lighttpd.conf.fedora" - # If the host OS is Fedora, - if grep -qi 'fedora' /etc/redhat-release; then - # all required packages should be available by default with the latest fedora release - : # continue - # or if host OS is CentOS, - elif grep -qi 'centos' /etc/redhat-release; then - # Pi-Hole currently supports CentOS 7+ with PHP7+ - SUPPORTED_CENTOS_VERSION=7 - SUPPORTED_CENTOS_PHP_VERSION=7 - # Check current CentOS major release version - CURRENT_CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release) - # Check if CentOS version is supported - if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then - echo -e " ${CROSS} CentOS $CURRENT_CENTOS_VERSION is not suported." - echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later" - # exit the installer - exit - fi - # on CentOS we need to add the EPEL repository to gain access to Fedora packages - EPEL_PKG="epel-release" - rpm -q ${EPEL_PKG} &> /dev/null || rc=$? - if [[ $rc -ne 0 ]]; then - echo -e " ${INFO} Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)" - "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null - echo -e " ${TICK} Installed ${EPEL_PKG}" - fi - - # The default php on CentOS 7.x is 5.4 which is EOL - # Check if the version of PHP available via installed repositories is >= to PHP 7 - AVAILABLE_PHP_VERSION=$(${PKG_MANAGER} info php | grep -i version | grep -o '[0-9]\+' | head -1) - if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then - # Since PHP 7 is available by default, install via default PHP package names - : # do nothing as PHP is current + # Then check if dnf or yum is the package manager + if command -v dnf &> /dev/null; then + PKG_MANAGER="dnf" else - REMI_PKG="remi-release" - REMI_REPO="remi-php72" - rpm -q ${REMI_PKG} &> /dev/null || rc=$? - if [[ $rc -ne 0 ]]; then - # The PHP version available via default repositories is older than version 7 - if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${r} ${c}; then - # User decided to NOT update PHP from REMI, attempt to install the default available PHP version - echo -e " ${INFO} User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use." - : # continue with unsupported php version - else - echo -e " ${INFO} Enabling Remi's RPM repository (https://rpms.remirepo.net)" - "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null - # enable the PHP 7 repository via yum-config-manager (provided by yum-utils) - "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null - yum-config-manager --enable ${REMI_REPO} &> /dev/null - echo -e " ${TICK} Remi's RPM repository has been enabled for PHP7" - - fi - fi + PKG_MANAGER="yum" fi - else - # If not a supported version of Fedora or CentOS, - echo -e " ${CROSS} Unsupported RPM based distribution" - # exit the installer - exit - fi + # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update. + UPDATE_PKG_CACHE=":" + PKG_INSTALL=(${PKG_MANAGER} install -y) + PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" + INSTALLER_DEPS=(dialog git iproute net-tools newt procps-ng which) + PIHOLE_DEPS=(bc bind-utils cronie curl findutils nmap-ncat sudo unzip wget libidn2 psmisc) + PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo) + LIGHTTPD_USER="lighttpd" + LIGHTTPD_GROUP="lighttpd" + LIGHTTPD_CFG="lighttpd.conf.fedora" + # If the host OS is Fedora, + if grep -qi 'fedora' /etc/redhat-release; then + # all required packages should be available by default with the latest fedora release + : # continue + # or if host OS is CentOS, + elif grep -qi 'centos' /etc/redhat-release; then + # Pi-Hole currently supports CentOS 7+ with PHP7+ + SUPPORTED_CENTOS_VERSION=7 + SUPPORTED_CENTOS_PHP_VERSION=7 + # Check current CentOS major release version + CURRENT_CENTOS_VERSION=$(rpm -q --queryformat '%{VERSION}' centos-release) + # Check if CentOS version is supported + if [[ $CURRENT_CENTOS_VERSION -lt $SUPPORTED_CENTOS_VERSION ]]; then + echo -e " ${CROSS} CentOS $CURRENT_CENTOS_VERSION is not suported." + echo -e " Please update to CentOS release $SUPPORTED_CENTOS_VERSION or later" + # exit the installer + exit + fi + # on CentOS we need to add the EPEL repository to gain access to Fedora packages + EPEL_PKG="epel-release" + rpm -q ${EPEL_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + echo -e " ${INFO} Enabling EPEL package repository (https://fedoraproject.org/wiki/EPEL)" + "${PKG_INSTALL[@]}" ${EPEL_PKG} &> /dev/null + echo -e " ${TICK} Installed ${EPEL_PKG}" + fi + + # The default php on CentOS 7.x is 5.4 which is EOL + # Check if the version of PHP available via installed repositories is >= to PHP 7 + AVAILABLE_PHP_VERSION=$(${PKG_MANAGER} info php | grep -i version | grep -o '[0-9]\+' | head -1) + if [[ $AVAILABLE_PHP_VERSION -ge $SUPPORTED_CENTOS_PHP_VERSION ]]; then + # Since PHP 7 is available by default, install via default PHP package names + : # do nothing as PHP is current + else + REMI_PKG="remi-release" + REMI_REPO="remi-php72" + rpm -q ${REMI_PKG} &> /dev/null || rc=$? + if [[ $rc -ne 0 ]]; then + # The PHP version available via default repositories is older than version 7 + if ! whiptail --defaultno --title "PHP 7 Update (recommended)" --yesno "PHP 7.x is recommended for both security and language features.\\nWould you like to install PHP7 via Remi's RPM repository?\\n\\nSee: https://rpms.remirepo.net for more information" ${r} ${c}; then + # User decided to NOT update PHP from REMI, attempt to install the default available PHP version + echo -e " ${INFO} User opt-out of PHP 7 upgrade on CentOS. Deprecated PHP may be in use." + : # continue with unsupported php version + else + echo -e " ${INFO} Enabling Remi's RPM repository (https://rpms.remirepo.net)" + "${PKG_INSTALL[@]}" "https://rpms.remirepo.net/enterprise/${REMI_PKG}-$(rpm -E '%{rhel}').rpm" &> /dev/null + # enable the PHP 7 repository via yum-config-manager (provided by yum-utils) + "${PKG_INSTALL[@]}" "yum-utils" &> /dev/null + yum-config-manager --enable ${REMI_REPO} &> /dev/null + echo -e " ${TICK} Remi's RPM repository has been enabled for PHP7" + fi + fi + fi + else + # If not a supported version of Fedora or CentOS, + echo -e " ${CROSS} Unsupported RPM based distribution" + # exit the installer + exit + fi # If neither apt-get or rmp/dnf are found else - # it's not an OS we can support, - echo -e " ${CROSS} OS distribution not supported" - # so exit the installer - exit + # it's not an OS we can support, + echo -e " ${CROSS} OS distribution not supported" + # so exit the installer + exit fi } # A function for checking if a folder is a git repository is_repo() { - # Use a named, local variable instead of the vague $1, which is the first argument passed to this function - # These local variables should always be lowercase - local directory="${1}" - # A local variable for the current directory - local curdir - # A variable to store the return code - local rc - # Assign the current directory variable by using pwd - curdir="${PWD}" - # If the first argument passed to this function is a directory, - if [[ -d "${directory}" ]]; then - # move into the directory - cd "${directory}" - # Use git to check if the folder is a repo - # git -C is not used here to support git versions older than 1.8.4 - git status --short &> /dev/null || rc=$? - # If the command was not successful, - else - # Set a non-zero return code if directory does not exist - rc=1 - fi - # Move back into the directory the user started in - cd "${curdir}" - # Return the code; if one is not set, return 0 - return "${rc:-0}" + # Use a named, local variable instead of the vague $1, which is the first argument passed to this function + # These local variables should always be lowercase + local directory="${1}" + # A local variable for the current directory + local curdir + # A variable to store the return code + local rc + # Assign the current directory variable by using pwd + curdir="${PWD}" + # If the first argument passed to this function is a directory, + if [[ -d "${directory}" ]]; then + # move into the directory + cd "${directory}" + # Use git to check if the folder is a repo + # git -C is not used here to support git versions older than 1.8.4 + git status --short &> /dev/null || rc=$? + # If the command was not successful, + else + # Set a non-zero return code if directory does not exist + rc=1 + fi + # Move back into the directory the user started in + cd "${curdir}" + # Return the code; if one is not set, return 0 + return "${rc:-0}" } # A function to clone a repo make_repo() { - # Set named variables for better readability - local directory="${1}" - local remoteRepo="${2}" - # The message to display when this function is running - str="Clone ${remoteRepo} into ${directory}" - # Display the message and use the color table to preface the message with an "info" indicator - echo -ne " ${INFO} ${str}..." - # If the directory exists, - if [[ -d "${directory}" ]]; then - # delete everything in it so git can clone into it - rm -rf "${directory}" - fi - # Clone the repo and return the return code from this command - git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null || return $? - # Show a colored message showing it's status - echo -e "${OVER} ${TICK} ${str}" - # Always return 0? Not sure this is correct - return 0 + # Set named variables for better readability + local directory="${1}" + local remoteRepo="${2}" + # The message to display when this function is running + str="Clone ${remoteRepo} into ${directory}" + # Display the message and use the color table to preface the message with an "info" indicator + echo -ne " ${INFO} ${str}..." + # If the directory exists, + if [[ -d "${directory}" ]]; then + # delete everything in it so git can clone into it + rm -rf "${directory}" + fi + # Clone the repo and return the return code from this command + git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null || return $? + # Show a colored message showing it's status + echo -e "${OVER} ${TICK} ${str}" + # Always return 0? Not sure this is correct + return 0 } # We need to make sure the repos are up-to-date so we can effectively install Clean out the directory if it exists for git to clone into update_repo() { - # Use named, local variables - # As you can see, these are the same variable names used in the last function, - # but since they are local, their scope does not go beyond this function - # This helps prevent the wrong value from being assigned if you were to set the variable as a GLOBAL one - local directory="${1}" - local curdir + # Use named, local variables + # As you can see, these are the same variable names used in the last function, + # but since they are local, their scope does not go beyond this function + # This helps prevent the wrong value from being assigned if you were to set the variable as a GLOBAL one + local directory="${1}" + local curdir - # A variable to store the message we want to display; - # Again, it's useful to store these in variables in case we need to reuse or change the message; - # we only need to make one change here - local str="Update repo in ${1}" + # A variable to store the message we want to display; + # Again, it's useful to store these in variables in case we need to reuse or change the message; + # we only need to make one change here + local str="Update repo in ${1}" - # Make sure we know what directory we are in so we can move back into it - curdir="${PWD}" - # Move into the directory that was passed as an argument - cd "${directory}" &> /dev/null || return 1 - # Let the user know what's happening - echo -ne " ${INFO} ${str}..." - # Stash any local commits as they conflict with our working code - git stash --all --quiet &> /dev/null || true # Okay for stash failure - git clean --quiet --force -d || true # Okay for already clean directory - # Pull the latest commits - git pull --quiet &> /dev/null || return $? - # Show a completion message - echo -e "${OVER} ${TICK} ${str}" - # Move back into the original directory - cd "${curdir}" &> /dev/null || return 1 - return 0 + # Make sure we know what directory we are in so we can move back into it + curdir="${PWD}" + # Move into the directory that was passed as an argument + cd "${directory}" &> /dev/null || return 1 + # Let the user know what's happening + echo -ne " ${INFO} ${str}..." + # Stash any local commits as they conflict with our working code + git stash --all --quiet &> /dev/null || true # Okay for stash failure + git clean --quiet --force -d || true # Okay for already clean directory + # Pull the latest commits + git pull --quiet &> /dev/null || return $? + # Show a completion message + echo -e "${OVER} ${TICK} ${str}" + # Move back into the original directory + cd "${curdir}" &> /dev/null || return 1 + return 0 } # A function that combines the functions previously made getGitFiles() { - # Setup named variables for the git repos - # We need the directory - local directory="${1}" - # as well as the repo URL - local remoteRepo="${2}" - # A local variable containing the message to be displayed - local str="Check for existing repository in ${1}" - # Show the message - echo -ne " ${INFO} ${str}..." - # Check if the directory is a repository - if is_repo "${directory}"; then - # Show that we're checking it - echo -e "${OVER} ${TICK} ${str}" - # Update the repo, returning an error message on failure - update_repo "${directory}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } - # If it's not a .git repo, - else - # Show an error - echo -e "${OVER} ${CROSS} ${str}" - # Attempt to make the repository, showing an error on failure - make_repo "${directory}" "${remoteRepo}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } - fi - # echo a blank line - echo "" - # and return success? - return 0 + # Setup named variables for the git repos + # We need the directory + local directory="${1}" + # as well as the repo URL + local remoteRepo="${2}" + # A local variable containing the message to be displayed + local str="Check for existing repository in ${1}" + # Show the message + echo -ne " ${INFO} ${str}..." + # Check if the directory is a repository + if is_repo "${directory}"; then + # Show that we're checking it + echo -e "${OVER} ${TICK} ${str}" + # Update the repo, returning an error message on failure + update_repo "${directory}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } + # If it's not a .git repo, + else + # Show an error + echo -e "${OVER} ${CROSS} ${str}" + # Attempt to make the repository, showing an error on failure + make_repo "${directory}" "${remoteRepo}" || { echo -e "\\n ${COL_LIGHT_RED}Error: Could not update local repository. Contact support.${COL_NC}"; exit 1; } + fi + # echo a blank line + echo "" + # and return success? + return 0 } # Reset a repo to get rid of any local changed resetRepo() { - # Use named variables for arguments - local directory="${1}" - # Move into the directory - cd "${directory}" &> /dev/null || return 1 - # Store the message in a variable - str="Resetting repository within ${1}..." - # Show the message - echo -ne " ${INFO} ${str}" - # Use git to remove the local changes - git reset --hard &> /dev/null || return $? - # And show the status - echo -e "${OVER} ${TICK} ${str}" - # Returning success anyway? - return 0 + # Use named variables for arguments + local directory="${1}" + # Move into the directory + cd "${directory}" &> /dev/null || return 1 + # Store the message in a variable + str="Resetting repository within ${1}..." + # Show the message + echo -ne " ${INFO} ${str}" + # Use git to remove the local changes + git reset --hard &> /dev/null || return $? + # And show the status + echo -e "${OVER} ${TICK} ${str}" + # Returning success anyway? + return 0 } # We need to know the IPv4 information so we can effectively setup the DNS server # Without this information, we won't know where to Pi-hole will be found find_IPv4_information() { - # Named, local variables - local route - # Find IP used to route to outside world by checking the the route to Google's public DNS server - route=$(ip route get 8.8.8.8) - # Use awk to strip out just the interface device as it is used in future commands - IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}") - # Get just the IP address - IPv4bare=$(awk '{print $7}' <<< "${route}") - # Append the CIDR notation to the IP address - IPV4_ADDRESS=$(ip -o -f inet addr show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}') - # Get the default gateway (the way to reach the Internet) - IPv4gw=$(awk '{print $3}' <<< "${route}") - + # Named, local variables + local route + # Find IP used to route to outside world by checking the the route to Google's public DNS server + route=$(ip route get 8.8.8.8) + # Use awk to strip out just the interface device as it is used in future commands + IPv4dev=$(awk '{for (i=1; i<=NF; i++) if ($i~/dev/) print $(i+1)}' <<< "${route}") + # Get just the IP address + IPv4bare=$(awk '{print $7}' <<< "${route}") + # Append the CIDR notation to the IP address + IPV4_ADDRESS=$(ip -o -f inet addr show | grep "${IPv4bare}" | awk '{print $4}' | awk 'END {print}') + # Get the default gateway (the way to reach the Internet) + IPv4gw=$(awk '{print $3}' <<< "${route}") } # Get available interfaces that are UP get_available_interfaces() { - # There may be more than one so it's all stored in a variable - availableInterfaces=$(ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) + # There may be more than one so it's all stored in a variable + availableInterfaces=$(ip --oneline link show up | grep -v "lo" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1) } # A function for displaying the dialogs the user sees when first running the installer welcomeDialogs() { - # Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script - whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${r} ${c} + # Display the welcome dialog using an appropriately sized window via the calculation conducted earlier in the script + whiptail --msgbox --backtitle "Welcome" --title "Pi-hole automated installer" "\\n\\nThis installer will transform your device into a network-wide ad blocker!" ${r} ${c} - # Request that users donate if they enjoy the software since we all work on it in our free time - whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" ${r} ${c} + # Request that users donate if they enjoy the software since we all work on it in our free time + whiptail --msgbox --backtitle "Plea" --title "Free and open source" "\\n\\nThe Pi-hole is free, but powered by your donations: http://pi-hole.net/donate" ${r} ${c} - # Explain the need for a static address - whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly. + # Explain the need for a static address + whiptail --msgbox --backtitle "Initiating network interface" --title "Static IP Needed" "\\n\\nThe Pi-hole is a SERVER so it needs a STATIC IP ADDRESS to function properly. In the next section, you can choose to use your current network settings (DHCP) or to manually edit them." ${r} ${c} } # We need to make sure there is enough space before installing, so there is a function to check this verifyFreeDiskSpace() { + # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.) + # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables. + local str="Disk space check" + # Required space in KB + local required_free_kilobytes=51200 + # Calculate existing free space on this machine + local existing_free_kilobytes + existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}') - # 50MB is the minimum space needed (45MB install (includes web admin bootstrap/jquery libraries etc) + 5MB one day of logs.) - # - Fourdee: Local ensures the variable is only created, and accessible within this function/void. Generally considered a "good" coding practice for non-global variables. - local str="Disk space check" - # Required space in KB - local required_free_kilobytes=51200 - # Calculate existing free space on this machine - local existing_free_kilobytes - existing_free_kilobytes=$(df -Pk | grep -m1 '\/$' | awk '{print $4}') - - # If the existing space is not an integer, - if ! [[ "${existing_free_kilobytes}" =~ ^([0-9])+$ ]]; then - # show an error that we can't determine the free space - echo -e " ${CROSS} ${str} - Unknown free disk space! - We were unable to determine available free disk space on this system. - You may override this check, however, it is not recommended - The option '${COL_LIGHT_RED}--i_do_not_follow_recommendations${COL_NC}' can override this - e.g: curl -L https://install.pi-hole.net | bash /dev/stdin ${COL_LIGHT_RED}